Insurers brace for cyber evolution: 'It's like mandating seatbelts and airbags'
Author: Lauren Johnson
Original article here.
According to research from Network Assured, the global cyber security market was valued at $7.60 billion in 2021 and is expected to grow to $20.43 billion by 2027. And, with the rapid evolution of cyberattacks and threats, the landscape of cyber insurance is having to evolve quickly. After all, data from the Consumer Sentinel Network suggests there were over 5.5 million reports of fraud and identity theft in 2023 alone.
But what does this mean for insurers in the field? What are the core concerns and emerging risks coming to the table in 2025 and beyond?
“I anticipate more integration between cyber insurance and cybersecurity,” said Joshua Parrish, president, RT Specialty San Diego. “The risks are so difficult to predict and underwrite that it seems a natural evolution that more buyers will end up in an insurance program that provides both sides of the coin.”
Parrish highlighted the struggle small and medium enterprises (SMEs) face in affording adequate security measures, pointing out that he has heard from insurance carriers that they, too, have concerns around the sustainability of offering coverage under the current model.
“We’re already seeing this play out as leading markets race to integrate their offering with some level of cybersecurity services,” he said. “I believe that the integration will advance, and the carriers will use their greater purchasing power to provide a more integrated approach to addressing exposure for small and medium enterprises.”
He likens the integration of cybersecurity services and minimum required security controls with insurance to how the auto industry mandated seat belts and airbags, underscoring how the insurance industry has historically driven technological advancements in safety.
“You probably can’t put laws in place to make people buy security services, but the industry can use its scale to provide more affordable options,” Parrish said.
This integration, according to Parrish, could make cybersecurity more accessible to SMEs. Accessibility is not just a problem for policyholders but also for insurers, who face difficulties selling coverage if clients can’t afford to meet minimum requirements.
“If you have $1,000,000 in revenue and four to five employees, how do you justify paying for all of that [for cyber insurance]? It’s beneficial but also incredibly difficult to pull that money out of thin air and pay for those things,” he said.
Addressing the need for innovation in cyber insurance, RT Specialty is focusing on simplifying the distribution of cyber insurance, particularly for SMEs. The launch of its online marketplace, RT Connector, serves as a step towards reducing the friction for brokers in offering cyber coverage to smaller clients, according to Parrish.
His insights shed light on a potential transformation within the cyber insurance market. As cyber threats become more sophisticated and pervasive, the industry’s approach to mitigating risk must evolve in tandem. His emphasis on integration, innovation, and accessibility highlights a forward-thinking strategy aimed at keeping pace with rapid changes in the cyber landscape.
“The insurance industry has been at the forefront of advancing technological advancements for additional security purposes for hundreds of years now,” Parrish said. “We’re just thinking of it differently now because people think of technology, and they only think of software code numbers and, you know, zeros and ones. But if you think of seatbelts and airbags and antilock brakes, that’s technology too.”