Businesses are increasingly aware of cyber-related business interruption risks and stepping up to increase their coverage to more adequate levels as a result, according to a new Zurich Insurance Survey.
“The cyber insurance marketplace is expanding and maturing to meet the increasing demands of corporations concerned about the ever-evolving cyber risks,” Paul Horgan, head of U.S. Commercial Insurance, said in prepared remarks. “Businesses are not only buying more coverage, they are asking for innovative and robust solutions that address menacing new threats.”
Zurich’s ninth annual Advisen cyber survey of corporate risk managers and insurance buyers found that 82 percent of respondents viewed cyber risk as a “significant concern” throughout their companies. Approximately 95 percent of respondents believed business interruption would be covered under their cyber policies if there were a claim.
As well, three-quarters of respondents said they expected contingent business interruption to be covered, a result that shows third-party cyber breaches affecting vendors can impact supply chains and vital services. Also worth noting: about the same percentage of respondents who changed their cyber limits over the last year focused on purchasing higher limits than their previous policies.
So, why are businesses increasing their cyber cover? That comes from greater awareness of how cyber attacks can interrupt and cause serious damage to vital business activities. The 2019 Advisen cyber survey found the increasing frequency of headlines about ransomware attacks over the past 12 to 18 months has been driving corporate insurance buyers’ increased awareness of their potential to interrupt business functions.
Choosing from a list of 11 possible outcomes of cyber risk events, 95 percent named data breach as the No. 1 risk, followed closely by cyber-related business interruption at 94.5 percent and cyber extortion/ransom at 89 percent.
A recent survey from The Travelers Companies determined that cyber risks were the top concern among businesses of all sizes. That’s the first time that all businesses surveyed ranked cyber as their primary concern since the Travelers Risk Index started conducting surveys on the matter in 2014.
Another risk addressed by the Zurich/Advisen survey respondents concerned the potential impacts of regulatory fines and penalties. In the wake of the European Union’s General Data Protection Regulation (GDPR) fines levied against two multinational corporations, insurance buyers want to know how their coverages will respond in the event they are ruled out of compliance with the GDPR and similar laws. A significant number of risk managers (71 percent) report that they expect their cyber insurance coverages to cover regulatory fines and penalties, while 35 percent stated that they purchased cyber coverage expressly for that purpose, up from 26 percent in the 2018 Advisen survey.
Zurich plans to discuss the key findings, analysis and conclusions later this month at the upcoming Advisen Cyber Risk Insights Conference in New York City in late October.
Results are based on 350 respondents representing risks managers, insurance buyers and other risk professionals covering both large and small companies around the world. Finance, banking and insurance industries are the most highly represented. Businesses of all sizes took part, but the companies said this was slightly weighted toward smaller and middle-market companies having revenues (or budgets for nonprofit or government entities) of $1 billion or less.
Source: Zurich Insurance, Advisen