The cyber insurance industry has seen strong growth – with S&P research revealing that the market reached around $12 billion in 2022 and was expected to grow by 25% to 30% annually to reach around $23 billion by 2025.

But what exactly is driving this accelerated growth? Samantha Bailey (pictured), senior vice president and US brokerage growth leader at Aon, tells IB that there are a number of factors, but one is the cloud-based shift and increased adoption of technology by insurers.

“We are seeing many companies, especially in the financial institutions space, turning to cloud providers instead of in-house technology,” she explained.

The Impact of Artificial Intelligence on Cyber ​​Insurance

Artificial intelligence is another important element driving the growth of cyber insurance. Companies are using AI to improve operations and strengthen cybersecurity controls. However, the technology also presents new challenges.

“There are bad actors out there who are looking to use AI to write emails that are much more convincing social engineering attacks,” Bailey explained. “However, companies are looking to counter that by using AI to help protect them from some of the new bad actors and vectors. Generative AI is an emerging thing — so there are a lot of people just trying to talk to each other to figure out how best to use it.”

This talk has even reached the levels of the UK Parliament, where AI regulations are still being discussed and debated – just like the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This in turn has impacted the cyber insurance market, forcing it to evolve and adapt not only to new rules but also to customer needs.

“Clients are looking to buy more limits because they see there is more exposure than there was in the past,” Bailey said.

Changes in Cyber ​​Insurance Underwriting

Underwriting in the cyber insurance sector has adapted to the inevitability of cybersecurity breaches.

“Part of the underwriting process is not only the proactive controls to help prevent a breach or event, but also the reactive controls that companies have in place,” Bailey explained. “What are their disaster recovery plans? Are there backup systems? Who are their vendors if something happens? What protocols do they follow? How do they prevent and mitigate damage?”

Ransomware attacks, in particular, have seen a dramatic rise, radically changing the risk landscape for businesses.

“Ransomware incidents have increased by over 1,000% compared to five years ago,” Bailey shared. This increase underscores the urgent need for businesses to address this threat. Aon’s approach to advising clients includes a holistic view of cyber risk, incorporating both proactive and standard measures, risk transfer and reactive measures.

“We believe that all cyber risk factors must work together,” Bailey added. In this challenging environment, clear communication and strong partnerships with customers are essential. Bailey emphasized the importance of coordination within companies to effectively manage cyber risk.

“Cyber ​​risk is a risk to the business; it’s not just the responsibility of the risk management office or information security. It’s everyone in the business working together,” Bailey explained. “The cyber insurance market is much more competitive now than it was two or three years ago. Clients are looking to buy more limits because they see more exposure and recurrence than they did in the past.”