Demand for cyber insurance on the rise, joint Swiss Re/ IBM study shows
Article information and share options
Following several high-profile cyber security breaches over recent years, a growing number of corporations perceive cyber as a high risk. Swiss Re therefore expects the demand for cyber insurance to rise. These are the findings of a joint study Swiss Re and the IBM Institute for Business Value conducted this year.
1800 companies (800 insurers and 1000 companies from other industries) participated in the study "Cyber: in search of resilience in an interconnected world". The joint Swiss Re/IBM survey of company CROs, CTOs, CISOs, or similar functions in January 2016 showed that 48% of the companies currently consider the threat from digital interconnectedness to be greater than other risks, and that 60% believe cyber will become a bigger risk over the next 10 years.
"Businesses of all sizes are aware of the cyber threat. Most corporations and insurers across the main regions expect the frequency and severity of cyber incidents to increase. With stronger data protection regulation being implemented in various countries, cyber risks are only likely to rise further up the corporate agenda", says Maya Bundt, Head Cyber & Digital Strategy for Swiss Re.
Unsurprisingly, firms that rank cyber as a high risk have C-suites who are engaged and knowledgeable about the threat. According to the study, this is especially true in the hospitality, consumer products and auto sectors. But some firms are ill-equipped to respond to the changing risk landscape, partly because key messages on cyber security are rarely linked to overall business objectives. Few companies have as yet institutionalised cyber risk management. Moreover, the majority of firms who rank cyber as a high risk do not feel confident that their workforce has adequate technical skills to cope.
The demand for cyber insurance is expected to rise, especially among high-risk firms. "The majority of insurers that currently sell cyber insurance do so as separate coverage. There are quite a few coverages that companies would like to buy but for which they see no corresponding available insurance solutions. Half of insurers who do not provide cyber insurance plan to write cyber cover in the next couple of years, although nervousness about overstepping the boundaries of insurability can limit product innovation", says Bundt.
The findings of the study in a nutshell:
- Risk awareness: 48% of companies currently consider the threat from digital interconnectedness to be greater than other risks, while 60% believe cyber will become a bigger risk over the next 10 years.
- Risk preparedness: 34% of high-risk firms feel senior executives could be more engaged, while 60% are not confident that their workforce has adequate skills to cope with the threat.
- Role of insurance: There is a significant interest from insurers to step up their cyber programs. Half of those insurers who do not yet provide cyber covers plan to do so in the next few years.