The demand for cyber insurance is unlike ever before, experts say. While existing buyers are looking to increase their limits, industries that have never considered cyber coverage are suddenly interested in purchasing a policy. “I think it’s fair to say interest in Cyber has increased across the board,” says William Boeck, senior vice president and claims counsel at Lockton. “All types of companies are focusing more on the cyber risks they have, and as part of that, more are considering Cyber insurance.” A few years ago, the demand for cyber insurance was concentrated among heavily regulated industries like financial services and healthcare. Following high-profile breaches, the retail industry followed suit. And since then, industries across the board-from manufacturing to education and professional services companies-have entered the space. “Demand is up not just across industries, but among companies of all sizes. Previously, small to mid-size companies (with revenues of less than $100 million) tended to be of a mindset that a cyber breach would not happen to them,” explains David Derigiotis, corporate vice president and director of Professional Liability at Burns & Wilcox. “Today, those companies are recognizing their risks and purchasing coverage.”
The demand likely spawns from recent, high-profile breaches attracting media attention but many cyber-attacks on smaller organizations go unnoticed by the general public. Bob Parisi, U.S. Cyber Product leader at Marsh, says there has always been a steady demand for cyber. Whether or not there was one event that “flipped the switch” for many businesses is unknown but regardless, “the market has reached a point where everyone in an organization, from the board to the C-suite, recognizes cyber threats as an operational risk.” While some experts in the field claim the market is too risky to enter, as more actuarial data needs to be available to quantify cyber risk, John Coletti, senior vice president at XL Catlin, disagrees and points out that “the markets created viable risk-transfer solutions and risk management products for customers. We wouldn’t have a $2 billion market if there weren’t viable products.” Regardless, cybercriminals seem to stay one step ahead in this game of cat and mouse and the cybersecurity industry is struggling to keep up with cybercriminals’ constantly evolving tactics. Unlike Property which can remain static for 20 years, explains Coletti, technology evolves at an extremely fast pace and cyber products must be malleable to respond to the way technology evolves.