Blog  |  Finance,

4 Changes You Need to Be Aware of in the Cyber Liability Insurance Industry

As an MSP and IT business professional, you’re well aware of the dangers out there faced by companies every day. Just one ransomware infection or data breach can cost a business hundreds of thousands of dollars or more.

The costs to remediate cyberattacks continue to go up, along with the sophistication of these types of attacks. In 2020, it cost an average of $761,106 to remediate a ransomware attack, and in 2021, that number more than doubled to $1.85 million.

You most likely quote similar figures to your leads and customers when promoting your remote managed services and cybersecurity solutions. 

They are also the types of statistics that have caused a recent change in the cybersecurity insurance industry. 

The Cyber Security Insurance Safety Net is Getting Smaller

Cyber liability insurance has become popular over the past decade for providing much-needed protection to cover the costs associated with a cyberattack. It covers costs from the breach of sensitive data, remediation costs and system restoration in the case of a ransomware attack, legal costs, and more.

But insurance carriers have been asking themselves if covering things like the payment of ransoms to ransomware attackers is encouraging higher ransom demands and more attacks.

They are taking a look at their balance sheets for payouts in cybersecurity insurance claims and the premiums collected and making some major changes.

These changes not only impact your own company and any cybersecurity insurance you may have, but they also impact companies that you do business with.

Here are the key ways that insurance companies have been shrinking the cyber insurance safety net.

Increasing Premiums

Premiums for cybersecurity insurance aren’t just going up a little, they’re going up a lot.

The increase in attacks during the pandemic and the move to remote working (and resulting security vulnerabilities) have caused skyrocketing attack volume and companies of all sizes are being hit.

During the first quarter of 2021, there were double-digit increases each month in premiums for policies that covered ransom payments to attackers. This is making cybersecurity liability insurance less affordable for many smaller companies.

Dropping Coverage for Ransom Payments

Speaking of policies that cover ransom payments… these are going to become fewer and far between in the future. A major European insurance carrier, AXA, stopped covering payments of ransom at all for its policies for French companies.

While this may be happening in another country, this is just the first indication of what is to come this year. Other carriers are likely already discussing doing the same to reduce their risk and discourage companies from paying sky-high ransoms because they know the insurance company will take care of it.

Dropping Coverage for “Nation-State” Attacks

Another disturbing trend in dropped coverage is with attacks by nation-states, which are becoming more prevalent. Insurance carrier Lloyd’s of London announced at the end of last year that it would stop covering attacks attributed to a nation-state.

Depending on how an insurance provider interprets this, it could rule out many types of cyberattacks, as there are a lot of state-sponsored groups behind major ransomware attacks with widespread impacts. For example, the WannaCry attack was tied back to a state-sponsored hacking group.

This could essentially make cybersecurity insurance much less meaningful as a result if more carriers adopt this same policy.

Increasing Security Requirements to Get Coverage

Companies applying for cybersecurity liability insurance can expect to have more digital hoops to jump through before they’ll be approved. As noted in the Sophos 2021 Threat Report, a “lack of attention to one or more aspects of basic security hygiene” was responsible for the most damaging attacks seen in 2020. 

Insurance carriers are mitigating their own risk by requiring more cybersecurity safeguards by those seeing coverage for cybersecurity attacks. This includes protocols such as:

  • Privilege access monitoring
  • Multi-factor authentication
  • Advanced threat protection
  • Confirmation of 3rd party security
  • And many others

Leverage the News to Build Your Cybersecurity Service Business 

This shift in cyber liability insurance opens opportunities for you to stress the renewed importance of using cybersecurity best practices and approaches like zero-trust.

The companies you serve may now have less of an insurance backup should they fall victim to an attack. This means that good IT security practices and strong systems are the best “insurance” they have against the devastating costs of a breach.

You can use your knowledge of the upcoming changes in the cyber insurance industry to market your cybersecurity services and make your company stand out as someone that has your clients’ backs.

Use an RMM/PSA Platform With Built-In Security Safeguards

The Syncro RMM/PSA platform allows you to securely manage your customer’s systems and IT security, giving them peace of mind.  

Contact us today to schedule a free demo and a 30-day free trial. Call 856-579-6276 or start your trial online.


Ian Alexander

Ian Alexander

Co-founder and Channel Chief at Syncro. Always trying to find ways to help MSPs. Former MSP tech and break-fix owner. Basketball player, human and dog dad. Grew up in Berkeley, living in Sacramento.

Leave a Reply

Your email address will not be published. Required fields are marked *