Cyber attacks are escalating, and the prices of cyber insurance are rising.
The prices of cyber insurance policies are rising at such a rate that it may cause dizziness. According to a report from the brokerage firm Marsh, the prices in the USA in the first quarter of this year increased 110 percent y/y. For sure, in Poland the market is incomparably smaller and more shallow, but it reflects global trends. According to Marsh Poland’s cyber practice leader – “This year, insurers are taking a very cautious approach to offering cybersecurity insurance to companies. Some insurance companies operate in Poland as branches of foreign insurers and they simply have to implement the strategy being used in the region, which is why a more rigorous approach to risk assessment is observed”.
The ever increasing insurance costs are a consequence of increased intensity and severity of cyber attacks. Insurance companies strive to minimize risk, and when they decide to submit an offer – they introduce, for example, mechanisms limiting their liability. In addition, insurers restrict the scope of protection. This applies primarily to damage such as ransomware or business interruption.
In the above context, it is worth mentioning that last year almost 70 percent of companies operating in Poland reported at least one security breach event. More than 20 percent of companies registered the increase in cyber attacks y/y. Organized criminal groups are leading the way in cyber threats and they are successful in their attacks.
All of this means that more and more players operating outside the regulated and sensitive area takes cyber security seriously. Most companies in Poland do not ignore the problem. More than 60 percent of stakeholders have implemented policies and procedures that translate into formalizing cybersecurity management.
Interestingly, more than half of the companies are confident or very confident about the level of protection against cyber threats (report of the “Digital Business Transformation Monitor”). However, experts note that this high safety rating is most likely the result of a lack of adequate awareness of cyber threats. Only 29 percent of companies have a cyber security team or department.