US Cyber Security: Mitigating the Risk for Insurers

In the wake of a multitude of serious data breaches, there are growing concerns about cyber risk within the insurance industry. So what’s the damage? 

Currently, cyber risk is costing the global economy $445 billion annually, $108 billion of which comes from the US, according to a report from insurer Allianz Global. It’s also predicted that cyber insurance premiums will grow globally from $2 billion per year today to approximately $20 billion over the next decade. Further findings from the Allianz Global report state that the top 10 global economies account for 50 per cent of cyber-crime costs, with China, Japan and Germany being at the top of the list with the US.

So what is cyber risk? Cyber risk is an umbrella term for independent risks faced by all professionals, encompassing the loss of data, commercially sensitive information, cyber extortion, multi-media risk, and hardware/ software malfunctions. US insurers are facing increasing exposure to cyber risk through business interruption leaving them with regulatory and financial consequences. As the most underestimated area of business and an area of growth over the next 10 years, insurers now realise that they need to address the issue. 

With cyber risks evolving and changing, the future is set to be much more complex. Initially, corporate data breaches and privacy concerns took centre stage but the future of cyber risk will involve cyber extortion, property theft and the impact of business interruption after a cyber-attack. US insurance providers must be prepared.

How can businesses address impending cyber risk threats? Should they be estimating the consequences of cyber risk to decipher the financial impact of cyber incidents? In short, yes. Businesses might find it beneficial to create a ‘cyber security culture’ with input from different stakeholders, encouraging greater awareness of, a focus on and a strategic approach to, the issue. Alongside this, cyber coverage needs to become much broader; US policies should close the gaps between traditional coverage and cyber policies.

As premiums grow, does this mean future resources are needed to deal with Cyber risk? If so, what skillset will be in demand? It’s up to insurers to spot vulnerable areas of the business, assess security practices of third-party partners and supply chains. Essentially, strategically investing in cyber security and resources should be a part of the overall business strategy. 

If you’re interested in professional services careers within the US, call Stewart Cherry, Director of our US office, today for a confidential chat on +1 646-833-2678 / or visit