New trends in the global cyber insurance market
Cybercriminals have refined their strategies to capitalize on vulnerabilities arising from mergers and acquisitions and software vendor consolidation, according to a cyber risk report by Resilience.
The report, based on data from the threat intelligence team and its insurance portfolio, highlights how these factors have opened up new avenues for widespread ransomware attacks, where attackers exploit a single point of failure in interconnected systems or newly acquired companies, leading to devastating consequences, in particular to the halt of entire economic sectors.
The main trends of the cyber insurance market
- As of January 2023, ransomware is the leading cause of losses, with 64% of insurance claims resulting in financial losses. The financial impact of ransomware claims increased by 411% from 2022 to 2023.
- Major incidents, including the Change Healthcare and CDK Global attacks and the PanOS zero-day vulnerability, were the top drivers of cyber insurance payouts in 2024.
- Vendor Breaches: Vendor-related breaches accounted for 35% of all payouts since January 2023, rising to 40% in 2024 due to vulnerabilities in third-party vendors such as Ivanti Software.
- BlackCat Group, the hacking group responsible for the Change Healthcare hack, continued its cyberattacks in 2024, accounting for 18% of insured insurance losses from ransomware in 2023.
- Industry and construction saw the largest increase in insurance payments for cyber risks in 2024: in industry, the number of dropouts increased from 15.2% to 41.7% in 2024, in construction – from 6.1% to 25%.
The report also highlights the risks associated with a 36% increase in the volume of global M&A deals in the first quarter of 2024. While these deals are often seen as positive economic indicators, they create numerous potential cybersecurity vulnerabilities. Similarly, reliance on single technology providers for mission-critical services has proven disastrous when breaches occur, leading to ransom payments, business interruptions, and significant revenue losses.
The cyber insurance market will grow by 54% to $53 billion by 2030, Howden predicts. The market now faces a unique combination of heightened threats and a stable insurance environment supported by strong risk controls. This sets the stage for a mature cyber insurance market driven by innovation and risk-based growth.
Although the US leads the cyber insurance market, accounting for about two-thirds of the global market, its continued growth remains important. However, more than half of premium growth through 2030 is expected outside the US. In major European economies such as Germany, France, Italy and Spain, reaching the penetration levels of more developed markets could lead to an increase in premiums of approximately €700 million.
Meeting demand in underserved regions such as Europe, Latin America, and Asia opens up significant potential for growth in the cyber insurance market.
“Major attacks like those at Change Healthcare, CDK Global and AT&T wreak havoc and make headlines, but they also remind us that we are facing a new status quo. Increasing vendor interdependence and M&A activity have created unprecedented opportunities for hackers with far more points of failure and room for human error,” said Vishaal Hariprasad, co-founder and CEO of Resilience. “Now more than ever, we need to rethink how staff approach cyber risk. Companies are more interconnected than ever before, and their sustainability now depends on partners and other workers in the industry.”
More than 90% of Resilience customers, the company says, who were directly affected by ransomware attacks in 2023-2024, avoided paying ransoms to cybercriminals. In fact, even though Lockbit or Cl0p ransomware incidents have increased over the past year, customers who had cyber insurance coverage were able to effectively mitigate and manage these disruptive threats and avoid paying any payments related to hacker groups.
Therefore, the insurance and reinsurance industry must change its approach to cyber risks. Although the perception of increased systemic risk in cyber insurance and reinsurance is sustainable, rates still remain lower compared to natural catastrophe risks.
“While cyber security has historically been considered a separate line item in a company’s budget, it is clear that this is not enough,” said Tom Egglestone, Global Head of Claims at Resilience. “Business leaders must adopt a risk-based approach, one in which security strategies are based on a financial assessment of cyber threats.”
“Investment in special cyber expertise and training Developing advanced risk models is key to effectively addressing complex cyber threats,” said Luke Ford-Kelsey, global head of cyber at Howden Re. “This approach will not only turn vulnerabilities into competitive advantages, but also allow companies to actively develop.”