Cyber Insurance Market Growing Dramatically, Triple-I Finds

Cyber Insurance Market Growing Dramatically, Triple-I Finds

NEW YORK–(BUSINESS WIRE)–Direct written premiums for cyber insurance worldwide could rise to $23 billion by 2025, with U.S. businesses paying about 56% of the total, according to the Insurance Information Institute’s (Triple-I) latest Issues Brief, published today.


“Two primary factors may be at work,” stated Triple-I’s Cyber Insurance: State of the Risk, when explaining the trend.

The first is the ubiquitous threat of data breaches and cyberattacks.

The second is insurers have made strides in clarifying policy coverage and exclusions, improving risk managers’ understanding of product value and helping insurers better manage costs and rate stability, the Issues Brief said.

U.S. businesses, the primary purchasers of standalone cyber insurance policies, are facing broader exposure to data breaches and cyberattacks through their reliance on Internet of Things (IoT) technologies, the expansion of remote work, and greater use of cloud data storage, according to Triple-I’s latest Issues Brief.

Purchasing cyber insurance as a standalone policy can lower the cost to a business in the event of a data breach or cyberattack involving sensitive information by covering damages that general liability insurance policies may not, including:

  • Legal fees
  • Repairing digital infrastructure
  • Restoring clients’ personal information
  • Recovering proprietary data

“In 2023, the average data breach cost for organizations climbed higher than ever, to $4.45 million, according to IBM’s Annual Data Breach Report,” Triple-I’s Issues Brief said. “This figure is a 15% increase over 2020, but only 2.3% over 2022.”

The global cyber insurance market tripled in volume in the five years ending in 2022, according to the Swiss Re Institute, with direct written premiums worldwide totaling an estimated $13 billion. Given more than half of these premiums are paid by U.S. businesses, the National Association of Insurance Commissioners (NAIC) and the U.S. Homeland Security Department’s Cybersecurity and Infrastructure Security Agency (CISA) are showing greater interest in this line of coverage, the Issues Brief explained. The same holds true for U.S. cyber insurers.

“Insurers are taking a more sophisticated approach to underwriting and fortifying policy wording and exclusions. Nonetheless, they need more robust data on attacks and breaches in order to predict and manage liability,” Triple-I’s Issues Brief concluded.

RELATED LINKS:

Article

Cyber Insurance: A Key Part of a Robust Business Strategy

Triple-I Blog

CISA Releases Long Awaited Plan for National Cyber Resilience (October 2022)

Triple-I Issues Brief

Cyber: State of the Risk (May 2022)

Video

Andrew Mais, president, NAIC, discusses Cybercrimes and Consumer Protection

About the Insurance Information Institute

With more than 50 insurance company members — including regional, super-regional, national, and global carriers — the Insurance Information Institute (Triple-I) is the #1 online source for insurance information in the U.S. The organization’s website, blog and social media channels offer a wealth of data-driven research studies, white papers, videos, articles, infographics and other resources solely dedicated to explaining insurance and enhancing knowledge.

Unlike other sources, Triple-I’s sole focus is creating and disseminating information to empower consumers. It neither lobbies nor sells insurance. Triple-I offers objective, fact-based information about insurance – information that is rooted in economic and actuarial soundness. Triple-I is affiliated with The Institutes Risk and Insurance Knowledge Group.

Contacts

Michael Barry, 917-923-8245, michaelb@iii.org