Navigating the ever-evolving landscape of cyber insurance is something that we cannot rest on. As the year begins, most of us are looking into what this year holds. As we know, the rapidly changing landscape of IT is evolving and will always be presenting a myriad of challenges and opportunities. Among these, one significant change that is poised to shape the future is the transformation of cyber insurance. We will touch on the changing dynamics of cyber insurance and how the effects of these changes will impact organizations of all sizes.
As we are gearing up for this new year and moving 2023 to our rear-view mirror, some interesting things are occurring in all facets of IT. One factor that will become more and more prevalent in 2024 and beyond is what Cyber Insurance will cover and what will be changing in this space. One of the cornerstones of the insurance world, Lloyds of London announced in 2023 that they have a significant exclusion. They will refuse to cover “nation state attacks” and this move has caused a ripple effect that is impacting organizations seeking cyber insurance. Additionally, we have even seen certain clients denied cyber insurance which raises concerns about the sustainability of the cyber insurance landscape.
As we gaze into the future, it is becoming increasing evident that cyber insurance will fall into one of these distinct buckets:
- Pricey Proposition- Premiums will soar past what they are currently with the number of cyber threats growing, the complexity of the threats, and ransoms increasing. Cyber Insurance companies are facing the risks and are likely to place the burden onto those getting insured, making this a costly investment.
- Denial Dilemma- With the scope of coverage shrinking, organizations may face getting denied cyber insurance as criteria for approval will become more stringent.
- Condensed Coverage- With cyber insurance coverage being reduced and some attacks not being covered from the get-go, some organizations will wonder what is point of being insured at all.
- Independently Self- Insured- Facing expensive premiums, denials, condensed coverage, some organizations will consider self-insuring and taking on the risks of what those entails.
A recent cyber insurance policy, seen below, that took effect on January 1st, 2024, shows exactly what organizations are up against when looking into cyber insurance.
If we are being honest what DOESN’T constitute “cyber warfare”? As the lines of cyber warfare are blurred, cyber insurance organizations will have to narrow down what they will and will not cover. As cyber insurance companies grapple with these nuances, organizations are left navigating a complex landscape where the terms and conditions are constantly under review. This will greatly impact both costs to the end-user, and at some point, users will have to decide IF they will choose to continue insurance coverage or not.
In conclusion, the shifting of cyber insurance in 2024 demands that organizations are informed of the changes and proactively looking at what the cyber insurance companies are doing. The trends indicate that higher costs, increased denials, and reduced coverage are coming. Navigating this requires a deep understanding of the evolving landscape, a commitment to robust cybersecurity practices, and a readiness to adapt to the changing norms within the insurance industry.
As we start the new year, organizations must critically evaluate their cyber insurance needs, reassess their risk tolerance, and chart a course that aligns with the evolving realities of the digital age. The journey ahead is complex, but with informed decision-making and a resilient cybersecurity strategy, organizations can navigate the challenges and uncertainties that lie on the horizon.
Seth Marsh is a security specialist with over 30 years of experience in the IT industry. Before leading Sales & Marketing at TMG, Seth led sales for a global full-service security provider and served as a VAR rep focusing on security during his last 12+ years specifically while working with Cisco. This breadth of experience allows him to understand clients’ needs and the ins and outs of the supplier and distribution side.