The cyber insurance field has been attracting the attention of the insurance world for over a decade. There are many expectations from this developing insurance sector, given the growing need for insurance protections following the significant damages caused to companies and organizations worldwide from cyber-attacks as well as the evolving regulatory environment. At the moment, the cyber insurance field does not yet deliver on the expectations placed on it; sales volumes are lower than expected and the loss ratio is negative. In addition, cyber insurance has not yet positioned itself in the industry as a central coverage for customers and a significant portion of the premium is sold as part of insurance coverage packages and not as stand-alone insurance. This makes it difficult for the growth of the product and the positioning of the insurance coverage as a significant and important coverage area.
Lastly, the penetration of cyber insurance into medium and small companies is very low and most policies are sold to large companies and organizations that are subject to supervision and obligation to purchase cyber insurance coverage
The reasons for the failure to meet expectations is the fear of insurance companies to deepen the penetration of cyber insurance due to several factors:
- Insurance companies fear the unknown risk. Fret of a long tail of claims and being left with high liabilities over time.
- A growing fear of losses and abnormal risk acceptance.
- Fret of insurance companies of the increase in threats and their continuous evolvement
The above reasons caused a sharp increase in premiums and a tightening of conditions from 2021 due to the complexity of the risk and the involvement of many third parties
Distribution is another key issue – the market is controlled by large insurance companies, while small and medium sized insurance companies are concerned about entering this type of risk. These factors create relatively low competition with limited regional competition that characterizes other insurance products. In addition, insurance agents and brokers in the world avoid selling this insurance coverage as a routine because of knowledge barriers and a lack of encouragement from insurance companies that work with them to sell the product.
From the perspective of the Insurtech world – this is a perfect opportunity for the Insurtech world to lead the penetration of a cyber insurance product. There is an acute problem in growth and an almost perfect solution from the technological point of view.
On the part of the cyber insurance startups that are B2B, this is an opportunity for them to penetrate the insurance market and enable the execution of cyber underwriting for the insurers, which will allow insurance companies to get the right customers for insurance coverage and on the other hand to price the risk correctly. In addition, providing tools for continuous protection to customers that will reduce the constantly changing risk. All of these will allow the premium to be reduced to reflect the real risk, the entry of medium and small insurance companies into the field that will not be concerned of selling the coverage while strengthening protection capabilities, reducing the risk and hence the costs of the insurers
The Insurtech sector can provide the data in real time data (unlike insurance companies that do not have both at the time of underwriting and during coverage)
Dealing with trends and changes continuously and not just once a year. All of this will reduce the risk and apprehension of insurers to enter the field of cyber insurance and increase competition and deliver a significant increase in the rates of the insured, the premium and reduce the rate of loss ration significantly.
In the B2C distribution channels, technology companies have a great place when it comes to market education, working with medium and regional brokers and insurance agents to distribute the product using their technology and as an independent distribution channel for selling insurance to customers based on their technology platforms
In addition, technology companies are also involved in the development of new products in the field of cyber insurance, which are already increasing the sales share of cyber insurance in the world. First, parametric cyber insurance that has already been sold and is not new but can be sold in different configurations such as server failure insurance. Other options include Child harassment protection insurance, protection of privacy, protection of home networks, coverage for private individuals, coverage for hacking of business pages on social networks, etc. In addition, one can expect the development of cyber insurance through insurtech startups in new areas of coverage that were not required until today, such as protection of the crypto worlds, an area that takes place entirely online, from protection of digital currencies through NFT,
In all of these and technology companies can be leaders and pioneers in the change that will lead to the growth of the world of cyber insurance.
The future of the cyber insurance from the technological point of view – As I mentioned, the cyber insurance field is not growing as expected, but technology will assist to increase the sales volume. Technology companies will work to assist insurance companies to sell the product in larger volumes and will allow entry of new insurance companies that will sell the product.
In terms of distribution channels, there will be a significant increase in collaborations between B2C startups and insurance brokers, since the cyber insurance product in the end, to a significant extent, is a push product. The involvement of technology will enable brokers to sale cyber insurance which is expected to be an increasingly retail product. In addition, the direct distribution channel of those Insurtech startups who will become MGA’s or an insurance company themselves and will sell cyber insurance products directly, initially to certain niches and later as competition to the traditional distribution channels
From the perspective of products, the technology can develop new cyber insurance products that are not sold today, which will increase the premium share of the product as well as create tools as risk management mechanisms for the customers and insurers.
In summary, there is no disruption here, but a continuous and qualitative improvement of the insurance process and over a period All these and more will bring the world of cyber insurance within the next five years to growth in very large percentages and will justify the expectations in this new insurance field. Insurers have the reputation and the capital, and technology companies have the software and great talent that is harder to get for insurance companies.
The Israeli Insurtech delegation to the ITC conference brings along several of very interesting cyber insurance startups:
Sling
Sling is offering a new approach to cyber insurance for SMEs by focusing on the dark web as a primary source for risk assessment. Sling maintains access to hundreds of unique sources, including hacking forums, illicit marketplaces, and instant messaging networks. The data collected is assessed by our in-house threat intelligence team and calculates via our own unique algorithm a Sling Score, aimed at anticipating the probability of a cyber-attack for a company. As a MGA, Sling will provide a unique approach to cyber underwriting, claims modelling, ongoing monitoring, IRT and claims management to potential insurers/reinsurers and vendor partners. Sling currently provides cyber threat intelligence as a MGU, allowing customers to upgrade their current underwriting process, optimize risk assessment and significantly reduce their loss ratio.
Surance.io
Surance.io -operates an end-to-end proactive & preventive personal cyber Insurtech solution, platform, and Application, enabling insurance carriers offer a frictionless product to policy holders. Surance.io operates the policy following production, through risk assessment, ongoing prevention and personalized alerts, 24*7 AI bot & human personal advisor for cyber issues and response to stop attacks, restore data, social accounts, and devices, replace physical devices and more.
Armoz
In an age of ever-increasing cyber and ransomware attacks, businesses are making digital transformations a priority and moving to the cloud. Armoz integrates with top security vendors to access valuable internal data and uses the cloud’s endless potential to provide 360-degree visibility of their policyholder’s security postures – not just externally, but internally too. Able to integrate into any cloud or SaaS infrastructure, from email and software to EDR – Armoz combines cybersecurity with cutting-edge AI and machine learning to offer a modern risk management approach, ready to keep businesses and insurers at the top of their game.