Insider Intelligence delivers leading-edge research to clients in a variety of forms, including full-length reports and data visualizations to equip you with actionable takeaways for better business decisions.
In-depth analysis, benchmarks and shorter spotlights on digital trends.
Learn More
Interactive projections with 10k+ metrics on market trends, & consumer behavior.
Learn More
Proprietary data and over 3,000 third-party sources about the most important topics.
Learn More
Industry KPIs
Industry benchmarks for the most important KPIs in digital marketing, advertising, retail and ecommerce.
Learn More
Client-only email newsletters with analysis and takeaways from the daily news.
Learn More
Analyst Access Program
Exclusive time with the thought leaders who craft our research.
Learn More

About Insider Intelligence

Our goal at Insider Intelligence is to unlock digital opportunities for our clients with the world’s most trusted forecasts, analysis, and benchmarks. Spanning five core coverage areas and dozens of industries, our research on digital transformation is exhaustive.
Our Story
Learn more about our mission and how Insider Intelligence came to be.
Learn More
Rigorous proprietary data vetting strips biases and produces superior insights.
Learn More
Our People
Take a look into our corporate culture and view our open roles.
Join the Team
Contact Us
Speak to a member of our team to learn more about Insider Intelligence.
Contact Us
See our latest press releases, news articles or download our press kit.
Learn More
Advertising & Sponsorship Opportunities
Reach an engaged audience of decision-makers.
Learn More
Browse our upcoming and past events, recent podcasts, and other featured resources.
Learn More
Tune in to eMarketer's daily, weekly, and monthly podcasts.
Learn More

Cyber insurance is a hot topic for banks—here’s how to make sure it doesn’t become a hot potato

The news: Cyber attacks are on the rise across all industries, and conversations around cyber insurance have taken off. But cyber attacks are constantly evolving and becoming more sophisticated, making cyber insurance coverage a tricky business. The complexity involved means that organizations should conduct due diligence to determine whether cyber insurance is the best fit.

Here we review seven considerations to take into account before investing in cyber insurance, per CSO online.

Insurance premiums may cost more than incident remediation.

  • The rapid escalation in ransomware attacks is increasing demand for ransomware coverage. Consequently, premium costs are skyrocketing. Premiums can range from £100,000 ($118,000) to over £1.5 million ($1.76 million).
  • Operational resiliency functions are expanding in quantity and quality, making remediation less costly. Many company executives are starting to believe it’s more cost effective to bypass cyber insurance and cover remediation costs if an incident occurs.

Insurers are scaling back on ransomware coverage.

  • The rising demand for ransomware coverage is also changing how insurers approach policies for these types of attacks. Ransomware attacks are highly variable, making it tough to dictate what a policy should include before an attack occurs.
  • Because it’s actuarially hard to quantify the risk associated with a ransomware attack, insurers are providing minimum coverage. Many are even beginning to remove coverage of the ransom payment.

Fewer insurers will cover state-nation cyber attacks.

  • As cyber attack strategies mature, insurers are defining strict requirements for what they will and won’t cover, and state- and nation-backed cyber attacks are often excluded from policy coverage.
  • As an added challenge, organizations often have difficulties accurately attributing the source of the attack, and insurers will unilaterally decide what they consider to be a state-nation attack.

A business may already be self-insured against cyber attacks.

  • Some organizations and even small government agencies pool together funds from which they can pull from in the event of a catastrophic event, like a cyberattack.
  • Involvement in a consortium like this can also create additional remediation efficiencies if affected businesses work together.

Many insurers base their premiums on a standard questionnaire.

  • When providing a quote for cyber insurance, insurers will most times complete a point-in-time standard questionnaire to determine coverage—without conducting any further examination of an organization’s cybersecurity position.
  • The resulting premium may not cover all areas that could be affected by a cyber attack, or it could result in paying for coverage of areas that aren’t at risk. It also doesn’t account for an organization’s enhancements to its cybersecurity defenses over time.

Many insurance policy requirements are tough to comply with.

  • It’s vital to be aware of all of the requirements that must be met for a cyber insurance policy to be valid. If even a single requirement isn’t met, the policy could be deemed useless.
  • Organizations that have thinly staffed cybersecurity divisions or don’t consistently ensure all protections are up to date and implemented in a timely manner might be better off avoiding cyber insurance.

The investment in cyber insurance could be better used for investing in cybersecurity improvements.

  • Cyber insurance isn’t a substitute for cybersecurity. Before choosing to spend large sums of money on an insurance policy that might be deemed ineffective in the event of a cybersecurity breach, determine if those funds could be better spent on upgrading cybersecurity controls.

The bottom line: Cyberattacks are a major threat to nearly every business, and it’s easy to get caught up in the widespread belief that cyber insurance is necessary to protect an organization. But attaining an effective cyber insurance policy starts with developing a successful cybersecurity posture within the organization. Otherwise, cyber insurance could just add to the woes and expenses of a cyber attack.

This article originally appeared in Insider Intelligence’s Banking Innovation Briefing—a daily recap of top stories reshaping the banking industry. Subscribe to have more hard-hitting takeaways delivered to your inbox daily.