Changes in cyber insurance
The insurance market, both in Poland and in Europe, is evolving very strongly. It is moving towards products that not only secure the company’s operations, but also help it develop. Cyber insurance has been a dynamically developing group of insurance products for several years. They had their beginning on the London market. In our country, the first offers for cyber insurance appeared much later.
Cyber insurance history
Findia started distributing cyber insurance in mid-2018. The first steps of our business were not easy. History has shown that many cyber insurance companies wanted to sell, but unfortunately, there were not many willing to buy these insurances. The situation began to change in 2019 with the increase in the number of cyber incidents in the US and Western Europe. As a result, international contractors, when negotiating contracts with Polish partners, began to expect cyber policies or, in the case of technology companies, the so-called PI insurance combined with cyber. In addition, new EU regulations have increased interest in this type of offer by companies that store customer data, as well as by public entities, mainly due to concerns about official liability for personal data.
The demand for cyber insurance in Poland was supported by low-risk assessment requirements, the ever-growing number of Insurers willing to build portfolios based on this product line, and thus – low premiums. There were situations where a large entity with a low level of IT security received a full-scale cyber insurance offer for a very low premium. Underwriters “from the world” very often shook their heads. The Western market valued such risks at least 10 times more expensive. This situation was proof that the market focused primarily on the number of policies sold, regardless of the potential risk of subsequent claims.
The unprecedented scale of cyberattacks
The pandemic and the transfer of many business activities to the network have brought an unprecedented scale of cyber attacks on company infrastructure. Ransomware continues to be the greatest threat to many entities. These are malware attacks that encrypt all data and systems on the victim’s infrastructure. This is an attack combined with a ransom demand for help in restoring the company’s systems and not disclosing the stolen data. In addition, cybercriminals are constantly working on new and improved forms of attacks. New threats keep emerging. One of the most ‘popular’ attacks in recent times is cyber attacks on the so-called “supply chain”, which consists in delivering a virus or other malware, e.g. via system suppliers. The example of the American company “Solarwinds”, distributing IT infrastructure management software, made us realize the scale of the threat. Hackers gained access to thousands of companies around the world by attacking and exploiting the infrastructure of one technology company. The consequence of this was the global cyber attacks in early 2021 on companies using the ‘Microsoft Exchange software. The whole event caused huge losses for thousands of (mostly) large global companies. This, in turn, was felt by insurers of cyber policies during the liquidation of the resulting damage.
Fortunately, the situation had little direct impact on Polish customers. The attacks on Solarwinds and Microsoft mainly affected large global companies. In Poland, in some cases, their subsidiaries could feel this.
Changes in the Insurers’ operating strategy
European insurers react to the new scale of threats and losses by changing their operating strategies. Some of them have limited the offer of cyber insurance. Some have limited the scope of protection. Insurance prices have also increased significantly. It should be remembered that decision-making in the field of larger cyber risks is largely outside our country. The decision on acceptance of risks and their valuations is made by underwriters from London or Paris, taking into account claims history from the US and European markets. Unfortunately, the markets of Central Europe are suffering the consequences of the global situation in cyber insurance.
At the same time, the underwriters focused on a more detailed and reliable risk assessment. They are constantly raising the security requirements that companies must meet to get an insurance offer at all. All these requirements are adapted to the IT security standards of Western European countries. The challenge for Polish enterprises is to level up to a high level of security and meet the requirements of insurers.
All these activities are aimed at improving the security of cyber insurers’ portfolios through more precise risk selection. Therefore, the first examples of cooperation between cyber insurers and technology companies have appeared. This cooperation is aimed at assessing the IT security of companies before concluding an insurance contract.
Unfortunately, all the above activities also translate into a longer decision-making process and a significant number of refusals of protection. Remote work in a pandemic and the availability of underwriters is an additional factor that does not make the work of intermediaries and clients easier.
Despite significant changes and increased requirements, cyber insurance is still one of the most future-oriented and developing business lines.