2023 saw some encouraging trends for the cybersecurity insurance market. Reversing 2022 market trends of rising premiums and shrinking capacities, 2023 rates remained flat or declined, which invited buyers back into the market.
However, cyber risk concerns remain and will undoubtedly continue in 2024. Cyber insurance underwriters are particularly concerned about an uptick in ransomware attacks, systemic cyber risks, and to some extent the adoption of artificial intelligence (AI).
Here are a few key themes we’ve identified that may help you plan for cyber risks in the upcoming months:
The resurgence of ransomware attacks
As ransomware continues to evolve, more organized hacking groups are rebranding to avoid regulatory scrutiny, and it’s reasonable to expect that this development is far from over. Ransomware attacks are targeting the healthcare and finance sectors the most, and there has been an increase in ransomware attacks and Business Email Compromise (BEC) schemes over the last five years.
Top Insights by Boomi:
How Businesses Can Move from AI-Curious to AI-Ready
The evolving regulatory landscape and heightened reporting requirements
Heightened regulatory risk at the state and federal levels may spread globally in 2024.
Given developments such as the SEC’s new mandatory reporting requirements for publicly traded companies around cyber incidents and risk management practices, there’s reason to suspect we’re at the beginning of a new wave of increased regulatory scrutiny regarding cyber risks.
Emerging technologies, particularly AI, may exacerbate the cyber threat environment and will require further efforts from the government, regulators, and technology providers.
AI adoption could have far-reaching consequences for businesses, including increasing risks related to data bias, privacy liability, intellectual property risks, and misinformation campaigns. Primary insurers, reinsurers, and capital markets will continue to rely heavily on advanced modeling tools to predict the frequency and severity of cyber events. Despite the constantly changing cyber risk landscape, it’s expected that the cyber insurance market will follow the trends of AI expansion and will continue to expand in 2024 and beyond.
Given this, the insurance industry must understand the risks before threats can be managed.
The anticipated growth of the cyber insurance market
As we look to 2024, the cyber insurance market will continue to evolve and will reflect dynamic change.
Recommended CIO Story of the Month:
Top 50 CIO Influence Interviews: Insights from Industry Leaders
Any organization considering embracing generative AI tools should consider establishing formal risk management plans, and risk managers will need to coordinate efforts between legal, compliance, human resources, operations, IT, marketing, and others to stay in tune with monitoring the risks as AI systems become more widely used.
As we look ahead, it’s reassuring that both insurance applicants and providers have gained valuable insight into how threats manifest into claims, as well as an understanding of the security controls to help mitigate the risks of AI and advanced modeling tools. While much more needs to be done, professionals in the cyber insurance space will forge ahead.