Cyber risk insurance India market update

Cyber risk has consistently featured amongst the top three risks for boards ever since the world started witnessing a spike in frequency of data breach incidents. The nature of expenses and liabilities that can emanate from a cyber security incident coupled with the severity of the financial impact on organisations makes it a complex risk to manage.

Cyber threat actors have taken advantage of remote working arrangements necessitated by the pandemic. India has been amongst the most impacted countries in the world with organisations across sectors getting affected by such incidents. Organisations have increasingly started instituting a cyber risk insurance programme to augment their ‘recovery’ strategies to transfer the financial impact of the risk.

Cyber risk insurance India market update briefly discusses the various threat vectors seen in the Indian market along with various kinds of losses that insurers have been paying under cyber insurance programmes. While the good part is that the insurance solution has become a key incident response support mechanism, the insurance market has significantly hardened with substantial premium rate increases. The insurers expect the insured’s to depict strong cyber security and data privacy processes as part of their stringent underwriting process in order to offer desired covers.

Organisations need to acknowledge the fact that a cyber breach incident is a question of ‘when’ and not ‘how’. They need to employ studies which not only assess cyber security posture but also quantify cyber loss potential to predict future loss potentials besides importantly working towards developing a cyber risk aware culture.

Cyber update

• Two years on from the COVID crisis first impacting Asia, there has been a rapid escalation in the severity of cyber losses sustained by businesses across all sectors from engineering firms to hotel chains. India is reportedly one of the worst hit nations with two to three-fold increase in the frequency of cyber claim notifications since FY 2020.

^*Dependent on risk class, loss history and historical base pricing. We have observed higher rate increases than mentioned above in high-risk sectors.

• India is amongst the worst hit nations, but things are largely unknown due to lack of stringent data privacy laws and notification guidelines. Nonetheless, we know that commonly reported origins of claim include:
  • Malware infections
  • Ransomware attacks (average ransom payments between USD 250,000 to USD 750,000 with larger payouts observed in certain cases)
  • Social Engineering Frauds – ‘Impersonation Frauds’ and ‘Vendor Invoicing Frauds’
  • Business Interruption losses arising from ransomware attacks are observed to be more severe than the incident response costs.

• Cyber insurance policies have paid out significant costs related to incident response, ransom demands, and business interruption losses caused by a breach incident so far. The extent of losses has resulted in underwriters re-examining how they price risks and has caused substantial premium hikes, coverage restrictions, increase in retentions / deductibles and capacity restrictions. This hard market trend is expected to continue throughout 2022.

Source: Acronis Cyberthreats Report 2022.

• Organisations in IT / ITES, Manufacturing, E-Commerce, BFSI, Fintech and Managed Service Providers sectors have been particularly targeted by malicious threat actors in recent times. These industries constitute the primary drivers of cyber insurance business in India with other sectors increasingly considering cyber insurance. There has been an average 60% rise over prior in the number of enquiries largely driven by proactive risk transfer considerations and contractual requirements.
• Clients will need to maintain particular focus on ransomware insurance clauses as we are seeing the application of coinsurance clauses and sub-limits to ransomware / cyber extortion coverage.

Source: Costs of Data Breach Report 2021 - IBM

• Insurers are also changing the way they assess risks with increased reliance placed on third party risk assessment tools during the underwriting process and the adoption of underwriting question sets focusing even more on granular security issues and exposure Clients seeking to manage this hardening environment will need to demonstrate their cyber maturity and create effective strategies to communicate to underwriters the investments they have made to address cyber exposures and demonstrate the strength of their risk management and resilience capabilities. Particular focus is given to client’s visibility and protection of endpoints (e.g. multifactor authentication on all endpoints), segmentation of systems, people risk management, business continuity and incident response plans (e.g. have these been tested in the last 6 months?)

Source: As per various insurer estimates

• In line with global trends, we are seeing an increased rollout of cyber exclusions being added to financial and general lines insurance wordings. This change in insurance terms, alongside the stark increase in reported cyber-attacks, has led to many organisations adding a dedicated cyber insurance policy to manage cyber exposures and the unanticipated financial impact of a cyber event.

For more information, please write to your WTW contact or to wtwindia@willistowerswatson.com.