Cyber insurance market remains stable due to robust cybersecurity: McGriff
McGriff, a US retail insurance broker, reports that cyber insurance market rates in 2024 remain stable as businesses strengthen their cybersecurity measures.
Businesses opting for higher retention levels or deductibles are also benefiting from premium savings in their programs.
However, McGriff notes, “Custodians of large volumes of records (personal health information, personal financial information, and other non-public personal information) are not seeing the same lower rates as others, with underwriters having to price for aggregation of large losses in these classes of business.”
Changes in premiums also impact growing businesses, as revenue growth continues to factor into basic underwriting models.
While some industries experience more relaxed underwriting standards, McGriff stresses the importance of maintaining strong cyber controls and vendor risk management. Businesses should remain vigilant against cyber threats and consistently enhance their cybersecurity measures to prevent, detect, respond to, and recover from attacks.
According to the 2024 Allianz Risk Barometer, cyber incidents are the top concern across industries globally, with data breaches, infrastructure-related cyberattacks, and malware/ransomware leading the list of worries.
The costs following a cyber event can be substantial, including business interruption, ransomware payments, fines, notification expenses, credit monitoring, forensics, legal fees, and reputational damage.
Moreover, the cyber threat landscape is growing more complex, with hackers employing sophisticated tactics, such as AI-driven ransomware attacks and deepfake technology for phishing emails.
Looking ahead, McGriff underscores the importance for businesses to understand emerging cyber trends and risks and how they could impact their operations and cybersecurity practices.
McGriff concludes, “We recommend you and your broker review your Cyber insurance program each year in light of emerging trends, and that you maintain a comprehensive Incident Response Plan that has been stress tested, updated, and stored offsite for secure access after an incident.”