More companies are looking at cyber insurance to minimize the loss due to cyber incidents and data breaches during the pandemic.
Over the years, cyber attacks and data breaches became one of the biggest risks for businesses, causing a massive financial as well as reputational damages to organizations worldwide. Often times, when a costly data breach occurs, the company may not have enough resources to resolve these issues and cover the losses. Such incidents have only paved way for cyber insurance amongst organizations looking to minimize the loss due to cyber incidents and data breaches.
Sony Anthony, Partner, KPMG and Kailash Mittal, Partner KPMG, explain in their blog, ‘Cyber insurance policy is a risk transfer mechanism used by organizations to protect themselves from losses and expenses arising due to cyber-attacks.’
According to a data presented by Finaria.it, the global cyber insurance market is expected to grow by 21% year-over-year and reach a $9.5bn value in 2021. As data applications and technology in the business sector increase, organizations are becoming more vulnerable to these attacks and more aware of the need for insurance coverage for cyber risks.
These insurance products help companies and organizations hedge against the potentially devastating effects of ransomware, malware, distributed denial-of-service (DDoS) attacks, or any other cyber attack used to compromise a network and sensitive data.
Security breaches to drive cyber insurance
At present, a quarter of all cyber insurance claims come from the healthcare sector, according to the Willis Towers Watson Cyber claims analysis report revealed. The cyber insurance claims between 2013 and 2019 showed that IT and telecommunications market ranked second with more than 10% of all cyber insurance claims in this period. Insurance, retail and wholesale, and manufacturing sectors rounded out the top five, with 9.9%, 9.2%, and 7.1% share, respectively.
Statistics also show that almost 75% of cyber insurance claims in this period involved an insuring clause related to breach incident response and crisis management. Data privacy breaches represented the second-most common insuring clause, followed by cyber extortion.
Of the industries most affected by cyber insurance losses, the share of loss events caused by malicious data breaches was highest in the BFSI sector at 39%. The retail and wholesale industry had 30% of such losses between 2013 and 2019. IT and telecommunications industry, manufacturing sector, and the healthcare market followed with 24%, 22%, and 18% share, respectively.
Analyzed by geography, the 2020 Trustwave Global Security Report revealed the Asia Pacific represents the most-targeted region of malicious data breaches. In 2019, 37% of all cyber attacks occurred in this region. North America ranked second with 33% of all cyber incidents last year. Europe, the Middle East, and Africa follow, with a 25% share.
India, still an evolving market
According to Indian Computer Emergency Response Team (CERT-In) 6.9 lakh cyber security incidents were reported till August, 2020, which is a 43% jump from the previous year.
Even as the cyber security threat looms large in India, cyber insurance covers have not picked up in a big way. As TA Ramalingam, chief technical officer, Bajaj Allianz General Insurance, said there has been pick-up in the corporate cyber policy in the past five-six years, but individual policy is still at a nascent stage in India.
“Corporates are facing challenges on multiple fronts. Say for example, any social media company or a financial institution or a hospital has huge volume of personal data and if fraudsters get hold of that data, it can be disastrous for those companies. Hackers can hack the data and leak in public, which will mean loss of face for those companies,” said Ramalingam.
Bajaj Allianz’s CyberSafe Insurance launched in mid-2020 protect individuals from cyber-attacks including identity theft, cyber bullying, phishing, malware attacks and cyber extortion to name a few. The most striking feature of this policy is that it is specifically designed for individuals and is the first of its kind in the Indian insurance industry.
ICICI Lombard General Insurance launched its Retail Cyber Liability Insurance policy too offers complete protection to individuals and their families against any cyber frauds or digital risks that could result in a financial or reputational loss, owing to online theft to unauthorized transactions.
Sanjay Datta, Chief – Claims, Underwriting and Reinsurance said, “We are living in a digital world where data is being engendered, transmitted and deposited every nanosecond. Today, data is gold. And, to protect it, is paramount.”
Dutt believes its new product comes at an opportune moment when everybody is working remotely, using social media and net banking and is digitally active. The product is designed to protect individuals against the dangers that come with the connected life like cyber-bullying, identity theft and more.
In general, cyber insurance covers financial losses due to fraudulent use of the bank account, credit or debit card and mobile wallets by a third party for transfers, purchases or withdrawals made over the internet. It also offers cover for ransomware attacks or cyber extortion, IT theft loss, email spoofing and phishing. Officials in the insurance industry say typically, cyber covers are in the range of Rs 40 crore to Rs 200 crore depending on the sector, and premiums are in the range of 1-4% of sum insured. An individual can buy cyber cover anywhere in the range of Rs 5 lakh to Rs 20 lakh.
According to KPMG, the cyber insurance market globally is estimated to exceed $20 Billion by 2025 In India, close to 350 cyber insurance policies were issued in 2018, This is expected to see a phenomenal rise in the coming years as cyber security is becoming a board room agenda across businesses.