Cyber risks evolve, price reductions slow

CHICAGO – Claims related to exposure of personal data unrelated to criminal attacks, driven by regulatory activity and class actions, are becoming an increasing concern for the cyber liability insurance market, experts say.

Ransomware-related breaches also remain a significant source of losses, but the attacks are evolving, they said in interviews last week at Riskworld, the Risk & Insurance Management Society Inc.’s annual conference.

Meanwhile, cyber rate decreases have moderated despite rising claims, they said.

“Non-breach privacy,” where personal data or information is exposed through an event other than a malicious act, is resulting in more claims, due to the increased collection and sharing of data and heightened regulatory scrutiny and activity, sources said.

“We continue to see more non-breach-related privacy events, or what most insurers define as ‘wrongful data collection’ coverage. Social engineering and business email compromise also have not slowed down,” said Courtney Maugé, senior vice president, cyber practice leader, at NFP, a unit of Aon PLC.

Cyber insurers are being hit with a variety of claims, said Rich DePiero, New York-based executive vice president and head of Sompo Pro, a unit of Sompo International Holdings Ltd.

“We still have ransomware events. We still have the traditional proactive cyber threats,” even as privacy events and claims continue to evolve, he said.

“The number of ransomware incidents doesn’t go down. It’s just the other components of the pie start to become a little clearer,” including non-breach privacy, said Tim Nunziata, senior vice president, cyber risk, commercial errors and omissions, at Nationwide Mutual Insurance Co.

Privacy claims related to the wrongful collection and misuse of data are increasing, said Jeff Kulikowski, New York metropolitan area-based executive vice president, cyber and professional liability lead, at Westfield Specialty.

Such incidents or claims can generate statutory penalties and negative reputational repercussions and many are settled, he said.

Ransomware

Ransomware claims and threats are evolving, said Mario Vitale, New York-based president of Resilience Cyber Insurance Solutions LLC. For example, criminals are targeting software vendors and providers to attack their clients and customers, which can be held hostage by exploiting the software they have purchased and use.

In some cases, the criminals may sell the information on targets to other threat actors, Mr. Vitale said.

Kara Higginbotham, New York-based head of professional liability and cyber at Zurich North America, also sees ransomware changing and evolving.

“The No. 1 claim we see is still ransomware,” she said. “The difference, though, is in 2024 about 60% of our ransomware claims were ransomware against a third party, not necessarily ransomware against our insured. Our insured reported the claim; they themselves did not have a ransomware event, but their vendor provider did.”

While ransomware activity ebbs and flows, it continues to vex industries of all types, said Tiffany Calhoun, Alpharetta, Georgia-based deputy head of cyber, tech and media for Allianz Commercial in North America.

“I don’t think there’s any industry that’s really immune to ransomware events, and they continue to be a thorn in everyone’s side,” she said.

“There are some really significant, severe ransomware events. They’re still around. Threat actors are extremely creative. They’re evolving,” said Meredith Schnur, New York-based U.S. and Canada cyber practice leader at Marsh LLC.

Pricing

Pricing remains “buyer-friendly” with an “adequate” amount of capital, but decreases have been moderating to single digits, she said.

High-profile events, like the CrowdStrike outage last year have not taken too much capital out of the market, Ms. Schnur said.

Still, “two very large cyber carriers have come out over the past couple of months and started to initiate measures to try to stabilize the market,” she said.

Ms. Higginbotham also sees potential tightening among insurers.

“We’re looking at in 2025 a third consecutive year of rate decreases, and I believe that carriers are going to increasingly have less of an appetite for large premium reduction,” she said. “We are seeing first-quarter rate decreases be less negative, but they are still negative.”

“The market is stabilizing. We’ve seen improved rates sequentially each of the last six quarters, so there’s been a bit of a reaction,” Nationwide’s Mr. Nunziata said.

While cyber claims, including some significant losses, continue to hit insurers, premium volume has tripled since 2018, said Brent Rieth, North America head of cyber solutions at Aon PLC.

“We continue to see each month there’s another new entrant, or two or three that have started to offer cyber insurance,” bringing more capital into the sector, Mr. Rieth said.