UK cyber insurance market shifted to favor buyers
The UK cyber insurance market has shifted to favor buyers, driven by abundant capacity and fierce competition among insurers, leading to rate decreases, according to Marsh’s Q1 2024 cyber insurance report.
In Q1 2024, organisations strengthened their cyber risk management with more effective, data-driven controls, which ultimately led to decreased rates, improved terms and conditions, and an increase in underwritten business by insurers.
Despite favorable market conditions, cyber threats remained substantial. Insureds faced large ransomware and privacy losses.
Cyber Insurance rates ease, risk remains
A UK Government survey revealed that 50% of all businesses and 84% of large businesses reported cybersecurity breaches or attacks in the past year.
In March, major UK retailers and fast-food chains experienced IT outages. While not linked to malicious actors, the disruptions highlighted the reliance on technology in modern business.
ercriminals now use blockchain and AI to automate and enhance threats. Cybersecurity software providers are adopting AI to better detect and mitigate attacks, such as filtering phishing emails.
In Q1 2024, cyber insurance rates for Marsh’s UK clients with revenues over £200 million dropped by 12% on average, with primary layers decreasing by 10%. This marked the second consecutive quarter of double-digit rate reductions.
Prices decrease over four consecutive quarters
Average cyber insurance limit increases
In the first quarter of 2024, average limits in the transportation; communications, media, and technology; financial institutions; manufacturing; retail and wholesale; and healthcare sectors increased, compared to the same quarter in 2023.
The retail and wholesale sector saw the largest year-on-year rise in average limit of 24%.
During this period, 24% of clients expanded their overall limits, 17% increased primary layers, and 74% saw premium decreases, while 6% had unchanged premiums, and 21% paid more.
Cyber insurance limits increase across all sectors
From an insurer perspective, competition in the primary space was fierce amid the growth targets set by insurers. Prices are expected to continue to decrease over the next quarter, on both a primary and excess basis.
Organizations rapidly adopted technology
Over the past decade, organizations have rapidly adopted technology, including digitally controlled operational tech, IoT devices, and business communication systems.
This expansion has increased attack surfaces, allowing cybercriminals to exploit new vulnerabilities. Ransomware attacks have become more damaging, with rising extortion demands driving up claims costs.
Human error remains a leading cause of cyber incidents. Last year, legal and education sectors saw a surge in attacks via phishing emails. This year, a broader range of industries faced various attacks, including zero-day exploits.
Ransomware claim notifications are expected to remain steady into 2025, but ransom payments have generally decreased.
An increase in phishing emails and business email compromise are also expected as threat actors continue to leverage GenAI which can automate the process of sending phishing emails, personalise emails, and generally make them more sophisticated and far harder to detect.
AI presents risks and opportunity
Generative artificial intelligence (AI) is a rapidly evolving risk issue and its potential impact on cybersecurity continues to be much discussed in 2024.
Cybercriminals are already using AI to automate and facilitate threats, with new risks and permutations of existing ones likely to emerge.
For example, some have found a significant opportunity in enabling software to more effectively detect and filter out phishing scams from email, mitigating the risk of malware attacks.
Systemic cyber risk continued to be a leading concern for insurers. In the first quarter of 2024, insurers included specific war and territorial exclusions in cyber policies, with war exclusion language in line with Lloyd’s requirements.
In general, increased competition among carriers resulted in more coverage options for organisations.
Underwriters were generally comfortable with the level of detail provided in application forms provided by insureds at the start of 2024, paying particular attention to vendor/third-party management and data collection practices.
