LONDON (Reuters) – Global cyber insurance premiums are experiencing a decline as businesses enhance their capabilities in mitigating losses from cybercrime, despite a rise in ransomware attacks, brokerage firm Howden reported on Monday.
In the wake of the COVID-19 pandemic driving a surge in cyber incidents, insurance premiums skyrocketed throughout 2021 and 2022. However, the trend has reversed over the past year, with the annual Howden report highlighting significant double-digit price reductions in the cyber insurance market for 2023/24.
The adoption of enhanced security measures, such as multifactor authentication (MFA), has played a pivotal role in safeguarding company data, consequently lowering the frequency of insurance claims.
“MFA is fundamental—it’s akin to locking the door when leaving the house,” remarked Sarah Neild, Head of UK Cyber Retail at Howden.
Neild emphasized the multifaceted nature of cybersecurity, noting increased investments in IT security infrastructure and employee training as additional factors contributing to enhanced resilience among clients.
Despite the upward trajectory of cyber attacks, insurers’ growing interest in expanding cyber insurance offerings has contributed to the declining premium rates, Neild explained.
Following Russia’s invasion of Ukraine in February 2022, global ransomware attacks initially declined as cybercriminals focused efforts on geopolitical matters. However, the report highlighted an 18% increase in recorded ransomware incidents in the first five months of 2024 compared to the previous year.
Ransomware, a form of malicious software that encrypts data and demands cryptocurrency payments for decryption, continues to pose significant risks to businesses. The report underscored that business interruption remains a primary financial concern following cyber attacks, though improved backup systems, such as those offered by cloud providers, have helped mitigate these costs.
While the majority of cyber insurance transactions occur in the United States, the report predicts that Europe will experience the fastest growth in the $15 billion global cyber insurance market in the coming years, driven by lower current penetration levels.
The report also highlighted that smaller firms are less likely to invest in cyber insurance, often due to limited awareness of cyber risks.