em360tech image

A report by Mactavish has found that soaring cyber insurance costs have forced over half of UK firms to slash spending on other business areas amid the heightened threat of cybercrime.

According to the report, which surveyed 902 risk professionals from companies across all sectors, 56% of companies have been prompted to make cutbacks to other parts of the business due to inaccessible insurance premiums. 

Some of the main areas affected included reducing office costs (53%) and staff bonuses (43%) and cutting other types of insurance (25%), indicating a wider impact on the risk profile of UK companies. 

Many of the companies interviewed said they prioritised cybersecurity due to the ever-growing threat of cybercriminal activity forcing business leaders to make difficult cutbacks. 

Discussing this recent surge in cybercrime, Dr Larry Ponemon, chairman and founder of the Ponemon Institute, said that for companies “the stakes couldn’t be higher.” 

“Attacks cause damage to the critical infrastructure  of a business, leaving it particularly vulnerable “in the face of today’s stiff macroeconomic headwinds,” he added. 

79% of the businesses surveyed by Mactavish experienced a cyber-attack in 2022,  while almost all (98%) of respondents admitted to feeling vulnerable to a cyber-attack as a direct impact of the geopolitical climate.

Higher risk means higher insurance costs – but less confidence

As the anxiety around cybercriminal activity business decisions takes hold of business decisions, the report notes that cyber insurance firms are raising prices to meet demand but not improving security products to keep pace with the increasing threat. 

Marsh’s Q3 Pricing index showed that cyber insurance costs increased by 66% in the third quarter of 2022, following a 102% year-over-year peak increase in Q1 of 2022, a faster increase than any other market. 

Despite the increase in cyber insurance uptake, however, the report noted that coverage is being continuously eroded as exclusions and policy terms are tightened, leaving customers feeling unsatisfied and uncertain about what their insurance protects them from. 

The majority of business leaders surveyed said they lacked confidence in insurers' willingness  to pay their companies when cyberattacks strike, with a quarter (25%) of respondents saying they didn’t believe they would be compensated in the event of an attack.

Cyber insurance must be tailored to meet market needs

The sharp rise in insurance costs, paired with the heightened frequency of attacks and reduced cover has made cyber insurance the most difficult end of an already difficult market. 

While some companies have made sacrifices to business operations to adapt to the new challenges insurance poses for operations, nearly a quarter (23%) of the companies surveyed said they had no specific cover despite the period of increased risk of cyber attacks. 

To read more about cyber attacks, visit our dedicated Business Continuity Page

“It would be ignorant to disregard the turbulent landscape the business world is confronted with in the face of the longest hard market on record with insurers pumping up premiums and creating long-lasting hard conditions for policyholders,” Bruce Hepburn, CEO of Mactavish explained. 

“The impact of global crises, the war in Ukraine and the sustained impact of the pandemic mean that company risk profiles have changed and it’s important that businesses adjust their insurance policies to reflect this, or they’ll fall foul to a lack of protection at a time of increased vulnerability, he added. 

As well as enterprises choosing their insurance providers carefully, however, the report highlights the need for providers to be clearer about what their insurance covers so that companies fully understand how protected they are against the heightened risk of attack. 

The full report can be accessed on Mactavish's website