Cyber Insurance at the Forefront of Risk Management
Cyber insurance remains one of the fastest-growing sectors in the insurance industry. As cyber threats escalate globally, businesses are expanding coverage to safeguard against emerging risks. The Policyholder Review 2024/25, from UK law firm Stewarts, is their first annual review of the insurance disputes landscape. The report covers key areas such as cybersecurity, business interruption, war and political risk, and construction. We examined key elements related to cyber risks. Below is a summary.
The CrowdStrike Outage: A Cyber Risk Cautionary Tale
One of 2024’s most significant cyber events (that’s a mild take) was the global CrowdStrike security software outage. It caused widespread business disruptions, with critical sectors such as healthcare, travel, and finance among the hardest hit. The outage affected an estimated 8.5 million devices worldwide.
While initially feared to be a “black swan” event, its long-term financial impact was lower than expected. The incident still raised crucial questions about cyber insurance coverage, particularly regarding business interruption policies and waiting periods.
Many businesses discovered that their policies did not cover non-malicious system failures. This realization has driven increased scrutiny of cyber insurance terms and the need for broader coverage.
State-Backed Cyber Warfare
State-sponsored cyber threats remain a major concern for insurers. This reality doesn’t look to be abating. Geopolitical tensions appear set to grow. Cyber warfare risks are becoming a top agenda item in policy discussions. The report highlights ongoing debates about how insurers should respond to large-scale, state-backed cyber incidents.
Lloyd’s of London has limited its exposure to cyber warfare risks. New market bulletins now require standard cyber policies to include exclusions for state-backed cyberattacks. These exclusions have sparked controversy, as policyholders fear being left vulnerable in the wake of a major attack.
Ransomware Attacks: A Shifting Landscape
Ransomware continues to be a dominant cyber risk, and cybercriminals’ tactics are evolving. The bad actors are demanding smaller ransoms to increase the likelihood of payment. At the same time, companies need to reconsider whether paying ransoms is the most prudent course of action.
The healthcare sector has been a primary target, with major attacks in both the U.S. and UK. The Change Healthcare breach in early 2024 resulted in a reported $22 million ransom payment. A June 2024 ransomware attack on UK pathology firm Synnovis disrupted thousands of hospital appointments and compromised patient data.
These incidents underscore the importance of strong cybersecurity measures and the role of cyber insurance in mitigating financial losses.
Business Interruption Coverage: A Growing Concern
The report highlights increasing concerns about business interruption (BI) coverage within cyber insurance policies. Many policies include waiting periods that must be met before coverage kicks in. The CrowdStrike outage exposed gaps in this coverage, with some businesses unable to claim losses because the downtime did not exceed policy thresholds.
Other key BI coverage questions for 2025 include:
- Third-party system failures: Will policies cover losses caused by supply chain disruptions?
- Multiple occurrences: How do policies handle repeated cyber incidents quickly?
- Indemnity periods: Are current policy timeframes sufficient to cover long-term financial impacts?
Emerging Risks: AI and Supply Chain Vulnerabilities
Artificial intelligence (AI) presents businesses with both opportunities and new risks. As generative AI adoption grows, insurers are assessing potential threats, including AI-driven cyberattacks and data manipulation.
Supply chain vulnerabilities are another area of concern. The CrowdStrike outage demonstrated the risks of reliance on a single technology provider. Businesses are now reviewing policies to determine whether they have coverage for supplier-related cyber disruptions.
Navigating the Cyber Insurance Market
The cyber insurance market remains highly competitive, which means new players are entering it. Policyholders are benefiting from premium reductions and relaxed security requirements. But not all the change is benefiting the insured, insurers are becoming more selective, and coverage discrepancies between policies are widening.
The report warns businesses against choosing policies based solely on cost. Policyholders must carefully evaluate coverage terms to ensure they receive adequate protection when a cyber event occurs.
Conclusion
Cyber risks continue evolving, presenting new challenges for insurers and businesses. The Policyholder Review 2024/25 emphasizes the importance of robust cyber insurance policies and proactive risk management strategies.
It’s not a new refrain. As threats grow, from ransomware and state-backed cyber warfare to AI attacks, the insurance industry faces a constant struggle. This conflict, like any, requires consistent adaptation. Doing it like you did yesterday is not an option. The coming year will test whether current policies can withstand the rapidly changing cyber landscape.
Other News: Cyber Risk Pool Urgently Needed to Protect from Catastrophe
