LONDON (Reuters) – Cyber insurance premiums are falling globally as businesses become better able to limit losses from cybercrime despite a rise in ransomware attacks, insurance broker Howden said in a report on Monday.
Insurance premiums to protect businesses against cyberattacks have soared in 2021 and 2022 as the COVID-19 pandemic has led to an increase in cyber incidents.
But premiums have fallen over the past year, according to Howden's annual report, with the cyber insurance market seeing double-digit price cuts for 2023/24, Howden said.
Enhanced security, such as multi-factor authentication, has helped protect company data and reduce insurance claims.
“MFA at its most basic is like locking your door when you leave home,” said Sarah Neild, UK head of cyber retail at Howden.
“Cybersecurity is a multi-layered issue,” Nield added, also pointing to increased investment in IT security, including staff training.
“Overall, our clients are becoming stronger.”
Nield said insurers' increased willingness to offer cyber insurance despite the rise in attacks was also contributing to lower prices.
Following Russia's invasion of Ukraine in February 2022, global ransomware attacks declined as hackers from various countries focused on military activities.
However, the report found that recorded ransomware incidents increased 18% year-on-year in the first five months of 2024.
Ransomware works by encrypting data, and hackers typically provide victims of the attack with a passcode that allows them to recover their data in exchange for a cryptocurrency payment.
The biggest cost after a cyberattack is usually business interruption, but companies can reduce this by implementing better backup systems, such as using cloud providers, the report said.
Most cyber insurance business takes place in the United States, but given current low penetration rates, Europe is likely to see the fastest growth in the $15 billion global cyber insurance market over the next few years, the report said.
The report added that small and medium-sized businesses are less likely to purchase cyber insurance due in part to a lack of awareness of cyber risks.
(Reporting by Carolyn Cohn and Allison Williams Editing)
