Looking back historically, cybersecurity insurance was relatively cheap and easy to get. Typically, an agent would send businesses one-page applications that would see quick turn around times and high approval rates. It was almost as simple as asking for and receiving cybersecurity insurance. But the days of quickly filling out applications and spending a couple hundred bucks for coverage are long gone. While there are many reasons for this change in accessibility, the reality of cyber insurance in 2022 will be defined by a few major characteristics:
Businesses are getting crushed in the cyber world and carriers are paying out massive fees to assist with business recovery. The primary issue is that businesses are not securing their networks properly. If we look back at 2021, carriers were slammed with claims while operating at extremely high loss rates. To deal with this and return to cyber coverage as a profitable solution, carriers are clamping down on businesses through a more comprehensive application. As a result, quick applications are long gone, replaced with a more common 10-12 page application. At Black Talon Security, we perform a scan review and a comprehensive audit.
At Black Talon, we ask what type of tools your business uses along with the security and disaster recovery plans and training. With these types of questions, applications are getting increasingly granular because of the associated high risk. For example, if your business had a prior claim, there is a likelihood you won't be able to get coverage in 2022. Similarly, if your business doesn't have next generation anti-virus software in place, it is very unlikely you will get coverage. The same applies to formalized disaster & recovery plans and incident response plans in place. Without building a strong foundation for securing your business network, carriers will be less inclined to grant coverage.
Insurance companies are clamping down hard leaving businesses unable to offset risk by just purchasing a policy. Instead, real security implementation is required within the business, beyond what the IT company provides. Businesses are most likely going to face increasing difficulties in finding a policy either due to exorbitant cost or denials.
The trends that we forecast for 2022 will impact more than cyber insurance. Stricter policies will also affect the chances of receiving loans because underwriters are beginning to request information on whether you're covered in the event of a cyber attack as a part of the collateral on your business.
Bottom line, cybersecurity will be a major part in the underwriting process as we move forward – without cybersecurity your business can be a significant risk to insurers, lenders, as well as your own clients. It's important to understand the necessity of both cybersecurity and cyber insurance as we move through 2022.