In 2012, General Keith Alexander, then director of the NSA and commander of U.S. Cyber Command, commented that the theft of industrial information and intellectual property (IP) through cyber-crime constituted the “greatest transfer of wealth in history.” That year, U.S. companies were estimated to have lost a combined $338 billion through IP theft and cyber-crime, while $1 trillion was spent globally on countering the threat of cyber-crime. Since then, the threat posed by cyber-crime has only escalated; the global loss due to cyber-crime in 2016 is estimated to be up to $500 billion and Juniper Research projects that these costs will escalate to $2.1 trillion by 2019. The threat of hacking extends beyond the financial sector; both the French and American presidential elections have been shaken by email hacks, while the Interior Department, which stores sensitive information on critical infrastructure suffered 19 attacks over the last ‘few years’.
The massive cost of these crimes has created an opening for insurance companies, with premiums for coverage against hackers expected to “triple over the next four years,” from $3.4 billion now to between $8.5 and $10 billion. Due to the relative newness of cyber-crime in comparison to natural disasters and other issues, insurers are experimenting with prices, limits, and risk management policies. Hiscox CEO Bronek Masojada gives the example of a potential “cyber hurricane” occurring, where a virus spreads throughout the world, imposing massive financial costs on the entire cyber insurance industry. The lack of history behind these types of events undermines the ability of insurers to use accurate timeframes for risk analysis; insurers cannot be sure if “cyber hurricanes” occur every 25 years or every 100 years or at all.
Even in the face of systemic uncertainties, companies are entering the cyber insurance market, willing to take on risk to enter the fastest growing sector in the global insurance arena. This includes Allianz SE and Chubb Ltd. as well as Beazley Plc which has recently partnered with Munich Re to offer a joint, competitive product. These companies are buoyed by increasing international attention to these threats. For instance, the EU, who passed regulation to be introduced in 2018 for “operators of essential services” such as transportation and energy, as well as operators of “key digital services” such as Google and banks, to take “appropriate security measures.” This designation of companies such as Google, Amazon, and Microsoft as essential service providers will highlight the need for protection against cyber attacks and may increase the demand for cyber insurance.
Sources and Further Reading:
- NSA Chief: Cybercrime constitutes the “greatest transfer of wealth in history” – ForeignPolicy
- Cyber Crime Fears Drive Up Demand for Anti-Hacker Insurance – Bloomberg
- High-Profile Cyber Attacks Drive Growth of Cyber Crime Insurance – Insurance Journal
- London-Based MGA Nexus Offers Cyber Insurance in Partnership with Beazley – Insurance Journal
- Why the Macron Hacking Attack Landed With a Thud in France – New York Times
- Hacking Insurance ‘Surges’ Amid Cyber Crime Fears – Silicon
- Cyber Crime Costs Projected To Reach $2 Trillion by 2019 – Forbes
- Interior networks hacked 19 times by foreign attackers – Federal Times