Cybercrime is constantly evolving. And the cyber insurance industry struggles to keep up. So, what’s next for cyber?
Whitney Tabash, a Broker with All Risks, Ltd, recently sat down for an interview and answered the following questions. You can jump to her answers by clicking on the links below.
- What are the big trends that you see coming for cyber in 2020? Or in the next five years?
Cyber Liability Self-Assessment
What are the big trends that you see coming for cyber in 2020? Or in the next five years?
More Purchasers
For Cyber liability insurance I think we’re going to continue to see more and more buyers. In 2018 the global market for cyber was at $4.8 billion, and they’re predicting it to be at $28.6 billion in five years. So that’s probably the biggest trend.
I think this growth in purchasers is also going to correspond with an increase in preparedness and cyber defenses. The public will have a better understanding of what cyber insurance can do, and the differences between policies.
Pricing
Right now, insurance professionals have to combat the fact that every cyber policy is different. There isn’t really a common denominator besides first party law (which protects customer or employee rights regarding data in your control). As more and more people purchase cyber coverage, they will come to understand that there is not just a difference in price. There’s a difference in coverage as well. We’ll see insurers go away. There are lots of different insurance products for cyber right now. We’re going to see less of those, and pricing stabilize as people realize that this policy is going to be better.
Risk Management
Businesses are starting to see the value in cyber coverage. And part of that has to do with carriers implementing risk assessments with their quotes that show vulnerabilities. Making businesses aware of vulnerabilities in their systems helps them better manage their risk by fixing these gaps and preventing data breaches in the future.
We now have carriers offering full risk management services with their policies. This includes training your employees. And one of the top reasons people have data breaches comes from employees clicking on links. Part of the training may include intentionally sending internally produced phishing emails. If an employee clicks on it, then more training is necessary.
Regulation
The GDPR in Europe really changed the nature of privacy law. And, we’re following it here in the United States. California has a big act that took effect January 2020. At least ten other states are proposing or are already moving forward with similar acts. People’s rights in respect to personally identifiable information keep increasing. And as such, we’re going to see laws that clarify that, and more data breaches when people don’t adhere to them.
Summary
The complexity of cyberattacks will increase. So, expect to see cybersecurity investments to increase while countermeasures adapt. Ultimately the human factor is key. Employee training will evolve to increase awareness and effectiveness. And increasing regulation will be the force that drives further compliance.
Bio
Whitney Tabash is an experienced Professional Liability broker at All Risks Ltd., the largest independently owned insurance wholesaler in the United States. Prior to joining All Risks, Whitney was a Senior Broker at Professional Liability Underwriting Specialists, Inc. With almost 10 years in the industry, she is a well-established resource on technology related exposures in the constantly changing regulatory environment. Whitney serves on the Texas Surplus Lines Association (TSLA) Membership Services Committee and was the youngest ever appointed Chair of the Texas, Oklahoma, Arkansas and Louisiana Chapter of the Professional Liability Underwriting Society (PLUS).
Disclaimer
Daniels-Head Insurance Agency (DHIA) seeks thoughts and insights from a variety of individuals and organizations in the industry. The guest content on this blog represents the individual opinion of the author and not that of DHIA. Nor is it the opinion of DHIA’s underwriters and business partners. Neither DHIA nor DHIA’s business partners are recommending, endorsing, or sponsoring any companies, or third parties mentioned in this blog.