Following a rising number of cyberattacks against U.S. companies, cyber insurance premiums have spiked this year, according to Reuters, citing new data provided by Marsh, the insurance broker and risk advisory firm.
The rising cost of cyberinsurance has created new challenges for higher risk companies, especially in the retail and health care sector. Marsh told Reuters cyberinsurance premiums for retail companies increased by 32 percent in the first half of 2015.
In light of these sharp premium increases, Palo Alto Networks chief executive Mark McLaughlin told CNBC “insurance is not the answer” to the private sector’s cybersecurity challenges.
Tennant Risk Services president and chief executive Robert Sargent told SCMagazine.com that cyberinsurance premiums effects larger enterprises more than small and medium-sized firms. Companies with $25 million to $100 million in revenue will experience “some tightening in the underwriting guidelines,” but increases have not been prohibitive. Sargent noted that increases have especially effected retail, financial, health care companies.
“The reason you can’t get insurance policies that actually pay out or get them at reasonable rates is the insurance business knows how to manage risk, right?” McLaughlin said to CNBC. “They have no idea what this risk is here, the magnitude or what to do about it.”
Breaches occur among companies of all sizes, Sargent said, but he noted that breaches among small to mid-sized companies “tend to have less data and the breaches tend to be less public.”
Specialty insurance provider Allianz Global Corporate & Specialty recently produced a report predicting cyber insurance premiums will increase from $2 billion per year globally to more than $20 billion in the next 10 years.
Last month, The BitSight Insights Industry Benchmark report rated the security preparedness of organizations across several industries. The report found that energy/utility and healthcare companies are among the most vulnerable industries.