Q4 2024 update on the US cyber insurance market

Building cyber hygiene and more robust insurance programs

To date, 2024 has seen reinforcement of existing cyber exposures — including the ongoing threat of ransomware — and heightened challenges from privacy risk, generative AI, and third party-driven cyber incidents with widespread consequences and correlated losses, such as CrowdStrike and Change Healthcare.

Many businesses have reevaluated their risk tolerance, assessed overall cyber exposures, and structured cyber insurance programs that better align with their needs. Meanwhile, the cyber insurance market has shifted in insureds’ favor, as rates have stabilized, leading to increased capacity and more coverage options.

A closer look at market conditions

The US cyber insurance market in 2024 has experienced a stabilization in rates — a welcome change from the significant increases in rates and constraints on coverage seen over the past few years.

Rates continue to stabilize despite evolving claims and risk trends

Average US cyber price per million: Jan. 2023 – Sept. 2024

Many clients this year have increased their cyber insurance limits or reduced their retentions. This shift may indicate a growing confidence in the market and recognition of the importance of insurance in mitigating potential losses from cyber incidents.

Clients are increasing limits and re-evaluating risk tolerance

US cyber insurance purchasing trends: Q1 2022 – Q3 2024

At the same time, the nature of cyber claims is changing. With cyber events becoming more sophisticated and complex, many claims are becoming long-tail events with significant business interruption losses and privacy risks.

A snapshot of the cyber insurance market through Q3 2024

  • Rates: -4% average decrease
  • Program structure: 20% of clients increased limits; 19% reduced self-insured retentions
  • Underwriting: Cyber hygiene increasingly viewed as essential by insurers

The positive trends in the cyber market have occurred despite continued fallout from notable cyber events, including MOVEit, Change Healthcare, and CrowdStrike. The CrowdStrike event this summer showed how significant challenges can arise even from a seemingly innocuous issue with a software update — not every event is tied to a malicious threat actor. 

Underwriting scrutiny continues

The underwriting process remains concerned with cyber hygiene. Insurers continue to scrutinize organizations’ cybersecurity practices to confirm they have effective controls in place. The emphasis on cyber hygiene not only helps insurers gauge risk, but also encourages businesses to reevaluate their risk tolerance, better understand their cyber exposures, and maintain more effective controls. 

Businesses that demonstrate continuous improvements in their cyber hygiene may be able to access more favorable terms and pricing. As clients recognize the evolving nature of their risk, they may decide to increase limits and also may find that enhanced cybersecurity measures could provide greater flexibility in and control of their insurance options.

Improved cyber hygiene creates more flexibility and control

US cyber insurance retention trends: Q1 2022 – Q3 2024

Insurers also remain concerned about issues such as privacy, the potential for catastrophic losses, and decisions coming from reinsurers.

Despite these challenges, cyber insurance capacity is available with new entrants coming into the market, as well as some carriers increasing limits on existing programs. This reflects a competitive landscape and maturing cyber insurance product that is adapting to an evolving risk environment.

Assessing the market drivers

Several key drivers are influencing the cyber insurance market. Ransomware stands out as a prominent concern, with attacks increasing in severity and sophistication, and it continues to contribute to insurance claims and financial losses for businesses. Through October 2024, Marsh clients reported 1,641 total cyber events in the US and Canada, with 11% of those notifications related to cyber extortion and ransomware.

Additionally, privacy risk is top of mind for insurers and clients alike. The rise in frequency and severity of privacy and regulatory claims has prompted many businesses to reassess their risk exposure and adequacy of insurance coverage. With new privacy laws emerging and existing regulations becoming more stringent, organizations need to be diligent in understanding the potential liabilities they face in the event of a data breach or noncompliance. 

In addition to privacy claims, third-party risk is also top of mind for insurers and clients and is a contributing factor to the claims volume. 

Preparing for the future 

Looking ahead, new technology will continue to influence the underwriting process. Existing casualty, media, cyber, and first-party insurance products, among others, are expected to continue to cover generative AI exposures. Within these lines, some insurers are beginning to ask questions about generative AI use cases and governance. While generative AI risks are extensions of existing, familiar risks, corresponding loss frequency and severity may be impacted — though it is too early to tell. Claims activity remains limited given it has only been a few years since generative AI technology became widely adopted. Most carriers have not introduced new generative AI-specific policies and/or endorsements to date, although some limited generative AI-specific language has surfaced.

Additionally, the rise of third-party cyber risks and new privacy laws will require insurers to enhance risk assessments and support clients in adapting their risk management strategies. Actions that may be beneficial for organizations include: 

  • Establish proof of loss protocols: Implement clear procedures for documenting and reporting incidents to ensure that proof of loss is readily available, which can expedite the insurance claims process.
  • Engage forensic accountants: Consult forensic accountants to assess and analyze financial impacts of cyber incidents. Their expertise can provide detailed insights to support claims and enhance understanding of vulnerabilities.
  • Pre-approve vendors: Work with insurers to pre-approve vendors for incident response and recovery. This can streamline the response process during a cyber incident, and may help reduce downtime and potential losses.
  • Carefully select your primary insurer: Carefully evaluate and choose a primary insurer that aligns with your organization’s needs and values. A strong partnership with an insurer can facilitate better communication and support throughout the claims process.
  • Enhance cyber hygiene practices: Regularly update and train employees on cybersecurity best practices, conduct vulnerability assessments, and implement robust security measures to reduce the likelihood of incidents and improve overall resilience. Insurers may offer more favorable terms and pricing based on your existing cyber hygiene and commitment to improvement.
  • Regularly review your cyber insurance policies: Periodically assess and update cyber insurance policies to ensure they adequately cover evolving risks and align with the organization’s current operations and threat landscape.
  • Review your contracts with key third parties: Consider what insurance and cybersecurity requirements are relevant for the type of vendor you’re engaging with, taking into account the criticality of the vendor and the type of access they have to your network and data.

As businesses face an increasingly complex array of threats, the demand for cyber insurance is likely to grow, driving innovation and adaptation within the industry.

As insurers and clients work together to navigate these challenges, the focus on cyber hygiene, regulatory compliance, and comprehensive coverage will be paramount. The future of cyber insurance will depend on the industry's ability to adapt, innovate, and help clients thrive.

To learn more about managing your cyber exposures and structuring your cyber insurance program, contact a Marsh representative. 
