author photo
By Bruce Sussman
Tue | Apr 16, 2019 | 6:27 AM PDT

A new research report says the cybersecurity insurance market is ready to skyrocket.

In dollars and sense, that means growing from about $4 billion in premiums globally in 2019 to more than $23 billion by 2025. 

The report, by Adroit Market Research, points out what we've heard in sessions at SecureWorld events: The stand-alone cybersecurity insurance market is rapidly maturing but still relatively new. Insurers are trying to create actuary tables that properly reflect the risk and exposure involved in insuring a particular client.

Considerations for cybersecurity insurance

The financial services industry purchases a significant amount of cyber insurance, and we asked CISO Jason Witty about considerations for security leaders regarding cyber insurance.

Witty was at US Bank when we spoke with him, before his recent move to become Chief Information Security Officer at JPMorgan Chase.

What Witty suggests:

  • Ask what the evaluation process is like. “The underwriting process varies greatly by the insurer, all of them are going to interview you."
  • Make sure you understand your commitment. “You need to understand your responsibility to the insurer when you are buying this policy because you are committing that you have a certain level of controls and a baseline of best practices.”
  • Understand exclusions. “It’s a tricky one because the actuarial data is not all there. There are some exclusions. You really need to understand your policy.”

5 things fueling rapid cyber insurance growth

Despite the immaturity of the cybersecurity insurance market, it is forecast to grow rapidly because of demand. Here are five of the factors that researchers say are driving the cybersecurity insurance market between now and 2025:

  1. An increasing number of cyber attacks;
  2. A rapidly growing number of IoT and IIoT devices and related vulnerabilities;
  3. Global enhancement of regulations on personally identifiable information loss (like GDPR, CCPA, etc.);
  4. Increasing awareness of cyber thefts among small- and medium-sized enterprises providing digital services;
  5. A growing number of companies view cybersecurity insurance as a risk mitigation strategy

Lawsuits over coverage are growing

Along with the growth in the number of cyber insurance policies and riders comes a growing amount of litigation over terms, coverage, and liabilities.

For more, check out 4 Key Cyber Insurance Takeaways for Companies from Spec's v. Hanover Lawsuit.

Comments