Why is cyber insurance getting more expensive?


The cost of cyber insurance has risen steeply and, according to Adrian Cox (chief executive of Beazley), prices will continue to increase as insurers react to rising claims. In an interview with the Financial Times, he said that cyber criminality has become a real problem in the corporate world through ransomware. Insurers are reacting to that and working out how to underwrite it.

Ransomware works by hackers attacking and encrypting data on a company’s computers. A ransom is then demanded to release the data. Often, when a company becomes a victim to this type of attack, they turn to their insurers for help. Because of this, the level of cyber insurance pay-outs rises. Some insurance companies have now stopped writing cyber insurance completely. This, combined with the rising cost of claims, has pushed prices up. Cox went on to say that he expects rates to increase soon.

If an organisation has cybersecurity coverage in place, it will help to protect it against the risk of cyber events. Any kind of loss or theft can hurt a business through loss of electronic data, loss of customers and revenue. The company may also liable for damages that come from the theft of third-party data and this is where cyber security coverage can help.

According to a government survey in 2021, four in ten businesses (39%) and a quarter of charities (26%) report having cyber security breaches or attacks in the last 12 months. This is higher among medium businesses (65%), large businesses (64%) and high-income charities (51%).

Any organisation that creates, stores, and manages electronic data online must have cyber insurance to protect their sensitive data. This includes customer contacts, sales, and credit card numbers. Having cyber insurance in place also mitigates against the downtime after a cyber incident which can cause a loss in sales and customers.

If cyber insurance is necessary but the cost of this is rising, how do SMEs protect themselves? Cox stated that the answer lies in companies managing their cyber risk better and for governments to do more to tackle cyber criminals. He warned that, if cyber criminality continues unchecked, insurance will then become unaffordable.

What steps need to be taken to protect your data?

Ensuring that your data is password protected and that passwords are changed regularly is a start. Running cyber security training for your employees so that they understand not to open emails from unknown sources or click links on the internet randomly as well as having all your data backed up and stored safely on the Cloud. Two-factor authentication is another way to ensure your business and customer information remains safe.

What factors affect the cost of cyber insurance?

Apart from a business’ location, insurance companies will consider the nature of a business, the number of sensitive employee and customer records that is stored, whether the business stores credit card and banking information on its customers and the types of security defences in place. If a company has a history of cyber insurance claims or it has been attacked or hacked in the past, this may also make premiums higher.
Just because cyber insurance is expensive, SMEs shouldn’t just leave security to chance. Companies need to know what cyber security measures are in place and that employees have cyber security training. Businesses can contact their insurance company to find out how much coverage will actually cost. It will be more expensive in the long term if there is no insurance in place and a business loses customers.


At the end of November, the UK government introduced their new, updated Product Security and Telecommunications Infrastructure Bill (PTSI).
Cyber Essentials is a government-backed, industry-supported scheme to help organisations protect themselves against common online threats!
A guide to start by taking cybersecurity seriously.
Paddy Bradley MBE talks about his responsibility in ensuring that the Business Cyber Centre (BCC) is a success.