All material subject to strictly enforced copyright laws. © 2021 Insurance Insider is part of Euromoney Institutional Investor PLC.
Accessibility | Terms & Conditions | Privacy Policy | Modern Slavery Act | Cookies | Subscription Terms & Conditions

Services sector to drive doubling of cyber premium by 2020

US commercial cyber liability premium is set to hit $6.2bn by 2020, with the services sector likely to be the biggest buyer of the standalone product in that timeframe, according to a report by data analytics firm Verisk.

The firm estimated the size of the US commercial cyber liability market, encompassing both standalone and package offerings, at $2.5bn for 2016.

The consensus among cyber insurance practitioners is that the global cyber insurance market currently generates around $3.0bn in premium.

Standalone commercial cyber liability premium, excluding package policies, totalled almost $1.5bn in 2016 and could grow to $4.1bn by 2020, according to Verisk.

Commercial cyber projection

Verisk's growth estimate is based on forecasted average annual growth in take-up rates of 20-30 percent.

The services sector, which includes education and health services, is expected to be the biggest buyer of standalone cyber products. In 2016, services firms collectively paid $480mn in premium for standalone cyber liability insurance. This figure could grow to $1.38bn by 2020, Verisk estimated.

Finance, insurance and real estate firms are anticipated to be the second largest buyer of the cover, with $1.14bn of cyber premium projected for 2020.

State and local governments ranked third, with standalone cyber premiums forecast to reach $620mn by 2020.

Utility firms are still some of the least active buyers of the cover. Transportation, communications, electric, gas and sanitary services collectively spent $10mn on standalone cyber liability cover in 2016. By 2020 this is expected to rise to $30mn.

Meanwhile, the middle market - defined as companies generating annual revenue of $10mn-$250mn - is expected to be the biggest generator of standalone cyber premium, at an estimated $2.46bn by 2020.

National accounts, or companies with annual revenues of over $250mn, are expected to account for $1.43bn of standalone cyber premium.

Verisk's analysis applies exposure, growth and insurance-specific measures to individual businesses and estimates the market size of standalone cyber policies and cyber as part of commercial package policies.

"The types and targets of cyber-attacks are changing frequently, causing certain industries to be more likely to buy cyber insurance," said Prashant Pai, vice president of cyber offerings at Verisk.

"Finding and sizing those opportunities will be critical for insurers as they look to capitalise on their efforts in this rapidly growing market."

Separately, Matthew Honea, cyber director at analytics firm Cyence, said cyber insurers should benefit from expanded cybersecurity budgets going forward.

It is predicted that information security spending will top $113bn by 2020, he said.

"In 2018, we'll continue to see cybersecurity budgets grow, but beyond just increasing the amount, executives will be more strategic with how they're tailoring budgets to address modern-day threats," Honea explained.

"For example, we expect to see more security budgets include a portion dedicated to cyber insurance to help mitigate uncharted risks or identified risks where technology may not help."

The market should start to see insurance leveraged as a way to bridge the gap that technology vendors leave, as cybersecurity solutions cannot guarantee 100 percent protection, Honea added.

Honea predicted that crypto-ransomware will become more advanced and more targeted in attacks.

"Crypto-ransomware will be a major threat to companies in 2018, as this new era of ransomware will leverage the latest techniques to get smarter, spread faster and target the most critical systems," he said.

Historically, ransomware attacks have cast a wide net and aimed to trick a handful of users to take the bait and pay the ransom to unlock files or devices, he continued.

"With crypto-ransomware, attackers will focus on reaching the highest value systems that can cripple an entire company - rather than targeting everyone and anyone - until the ransom is met. This can readily lead to losses in reputation, revenue and business interruption for victim companies."

Standalone cyber market potential
We use cookies to provide a personalized site experience.
By continuing to use & browse the site you agree to our Privacy Policy.
I agree