What AM Best Says
AM Best: Insurers Reassessing Cyberrisk Due to Ransomware, Aggregation Risks
Cyber insurers are reacting to the consequences of ransomware attacks as a new AM Best report says the trend in cost containment is disturbing.
- John Weber
- August 2021
First-quarter cyber insurance premium rates rose 18% as insurers are seeing the containment and defense costs of ransomware may outpace the actual ransom, said Christopher Graham, senior industry analyst, AM Best.
Following is an edited transcript of the interview.
How will cyber insurers respond to some of these more high-profile attacks?
The first and most obvious thing we're seeing is rates increasing. Premium rates seem to be up about 18% in the first quarter of 2021.
We'll see more defined term limits in terms of dollars, what the policy terms on the ransomware are. In the more extreme situations, we've seen something overseas, Axa shutting down ransomware payments in France.
All these things make the cost far more than just the cost of the ransomware, to the point that you could have, on smaller claims, the defense and cost containment being more than the actual ransomware claim.
What are the industry challenges concerning claims data?
It's hard to collect the claims data, because what makes a claim, in some cases? How many times do you even have claims with maybe no payment? How many times do you see claims going for $5 million or $4.5 million, which is what we saw in the Colonial Pipeline? It's the rumored number. It's going to be very volatile on claims, and that's going to make any analysis difficult.
The Best's Market Segment Report describes the trend in defense and cost containment as disturbing. Why?
When you look at some of the defense and cost containment aspects of the Colonial Pipeline—they had to shut down the flow of oil through their pipeline. That has a cost to it. Then they had to reopen. That has a cost. There's the legal cost of negotiating the payment on the ransomware. All these things make the cost far more than just the cost of the ransomware, to the point that you could have, on smaller claims, the defense and cost containment being more than the actual ransomware claim.