In May 2017, a cyber attack by ransomware called ransomware was confirmed worldwide. WarnerCry took a ransom in Microsoft software to get a ransom to encrypt a file and decrypt it. A total of more than 300,000 computers in over 150 countries were perceived as a threat to the reported cyber attacks. In addition to WarnerCry, cyber attacks are evolving and diversifying, and interest in cyber risk is increasing worldwide. As concerns about cyber risks spread, tightening regulations on privacy protection are also becoming a global trend. In Korea, the Personal Information Protection Act was fully enforced on September 29, 2011. In the United States, cybersecurity legislation is intensifying, and in May 2018, the General Data Protection Regulation (GDPR) has been in effect in the EU.
Increasing cyber attacks, increasing interest in cyber risks, and strengthening regulations are likely to lead to an increase in demand for cyber insurance. In the United States, public-private countermeasures against cyber risks occurred earlier than Korea. The use of cyber insurance is also underway, and some estimates that about 85% of the global cyber insurance market (based on imported premiums) is at risk in the United States. This article looks at the most advanced US cyber insurance trends in the world.
At this time, the cyber insurance market is expanding and changing, and a lot of information is coming out. In this situation, this paper summarizes the cyber insurance trends in the United States over the past year to serve as a reference for a wide range of insurers interested in cyber insurance. Also, the opinions and considerations in this article are my personal opinions and do not represent the organizations to which they belong. In the future, as development and use of IoT, autonomous vehicles, and drones are advanced, it is natural that companies and insurance companies face the threat of cyber risks becoming more and more complicated. Corporate expectations for cyber insurance are also expected to increase.
In Europe and the UK, fewer companies have cyber insurance than the US. However, as the company’s interest in data security increases due to the application of the GDPR in May 2018, cyber insurance coverage is expected to improve. For example, GDPR must report to regulatory authorities within 72 hours of a data breach, or to report data subjects such as customers. Corporate compliance risks will increase, and cyber insurance demand is likely to increase. However, if the cyber insurance provided by the insurer fails to meet the company’s expectations in terms of future product content and premium rates, it may be possible to give some of the demand to the captive or insurance link securities (ILS).
There will be an insurance companies need to meet corporate expectations more than ever by partnering with modeling firms and cyber security firms, and by closely accumulating data and risk models and using them to set product customers and rates. The cyber insurance market is still growing in the US and is expected to expand in Europe. As the market is a big change, we should keep an eye on the European movement, which is not covered in this article.