Cyber insurers have struggled to assess and quantify the risk they are underwriting. The only way the cyber insurance industry will be able to support the market's growing demand is through trust and transparency built upon quantifying digital risk through sound data science principles.
Recent ruling in New Jersey involving the NotPetya attacks indicates that insurers may not be able to use "cyber war" clauses as an excuse to not pay out for remediation of ransomware attacks.
Cyber insurance premiums have jumped 73% in the U.S alone. Greater specificity over what is (and what is not) covered has become a feature of many updated policies, as has the expectation that companies need to have greater cybersecurity hygiene in place in order to qualify for insurance.
Lloyd’s of London has issued a bulletin indicating that its cyber insurance products will no longer cover the fallout of cyber attacks exchanged between nation-states. This definition extends to operations that have "major detrimental impact on the functioning of a state."
If cyber insurance providers want to create a better system that can reduce claims and better protect their policyholders, they cannot ignore the biggest driver of cyberattacks – password security.
Why “Ransomware Insurance” Causes Healthcare Industry to Overlook Deeper, Underlying Security Issues
For the healthcare sector where 34% of all organizations were hit by ransomware last year, cyber insurance may seem like a good investment. However, this may give many organizations a false sense of security.
AXA made news earlier in the month for opting to drop ransomware payment coverage from new cyber insurance policies in France. Operations in Asia were subsequently hit by a ransomware attack.
AXA France, regional division of European insurance giant AXA Group and France's largest general insurer, has announced that it will no longer reimburse ransomware payments for customers within the country.
Cyber insurance firm CNA Financial potentially leaked clients’ data after being the victim of a sophisticated cyber attack that disrupted services. Data obtained may help hackers optimize targeting of firm’s customers.
New report from Allianz finds that cyber crime causes the most expensive insurance losses, but that internal failures are the most frequent overall reasons for cyber claims.