DWP of Cyber Insurance Could Rise to $23B by 2025, says Triple-I

The cyber insurance market is growing dramatically, and the two main drivers are ubiquitous cyber threats and insurers’ maturing response in clarifying policy coverage and exclusions.  

(Image credit: Adobe Stock.)

Direct written premiums for cyber insurance worldwide could rise to $23 billion by 2025, with U.S. businesses paying about 56 percent of the total, according to the Insurance Information Institute’s (Triple-I, New York) latest Issues Brief, published today.

Two primary factors may be driving the trend of increasing cyber insurance premiums globally, according to Triple-I’s Cyber Insurance: State of the Risk Issues Brief. The first is the ubiquitous threat of data breaches and cyberattacks, the report explains. The second is insurers have made strides in clarifying policy coverage and exclusions, improving risk managers’ understanding of product value and helping insurers better manage costs and rate stability.

U.S. businesses, the primary purchasers of standalone cyber insurance policies, are facing broader exposure to data breaches and cyberattacks through their reliance on Internet of Things (IoT) technologies, the expansion of remote work, and greater use of cloud data storage, Triple-I’s Issues Brief elaborates.

The report explains that purchasing cyber insurance as a standalone policy can lower the cost to a business in the event of a data breach or cyberattack involving sensitive information by covering damages that general liability insurance policies may not, including:

  • Legal fees
  • Repairing digital infrastructure
  • Restoring clients’ personal information
  • Recovering proprietary data

“In 2023, the average data breach cost for organizations climbed higher than ever, to $4.45 million, according to IBM’s Annual Data Breach Report,” Triple-I’s Issues Brief says. “This figure is a 15 percent increase over 2020, but only 2.3 percent over 2022.”

Tripling in Volume in Five Years

The global cyber insurance market tripled in volume in the five years ending in 2022, according to the Swiss Re Institute (Zurich), with direct written premiums worldwide totaling an estimated $13 billion. Given more than half of these premiums are paid by U.S. businesses, the National Association of Insurance Commissioners (NAIC) and the U.S. Homeland Security Department’s Cybersecurity and Infrastructure Security Agency (CISA) are showing greater interest in this line of coverage, the Triple-I Issues Brief explained. The same holds true for U.S. cyber insurers.

“Insurers are taking a more sophisticated approach to underwriting and fortifying policy wording and exclusions. Nonetheless, they need more robust data on attacks and breaches in order to predict and manage liability,” the Triple-I’s Issues Brief concludes.

Lloyd’s of London Invests in Cyber Risk Quantification Software Provider Axio

Anthony R. O’Donnell // Anthony O'Donnell is Executive Editor of Insurance Innovation Reporter. For nearly two decades, he has been an observer and commentator on the use of information technology in the insurance industry, following industry trends and writing about the use of IT across all sectors of the insurance industry. He can be reached at AnthODonnell@IIReporter.com or (503) 936-2803.

Leave a Comment