Insurance Day is part of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC’s registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

This copy is for your personal, non-commercial use. For high-quality copies or electronic reprints for distribution to colleagues or customers, please call UK support +44 (0)20 3377 3996 / APAC support at +65 6508 2430

Printed By


Aon warns of ‘great shift’ on cyber insurability

Insureds have to jump through ever-higher hoops to secure cyber insurance, with coverage not available at all for less-than-excellent risks

The cyber insurance market has experienced a “great shift” where only the best risks are able even to find cyber insurance, as carriers grapple with the soaring cost of ransomware claims, Aon has warned.

Brent Rieth, US practice leader in the broking giant’s errors and omissions/cyber team, said insurers are “paying far closer attention to the controls insureds need to have to be eligible to purchasing this insurance”.

Insureds face having to answer a “wide-ranging list of questions” before coverage is granted. Those that fail to provide convincing answers typically are refused coverage outright, rather than being asked to pay a higher rate, Rieth said during a webinar on the topic.

Criteria for refusal include a lack of multifactor authentication (MFA), endpoint threat detection and response (a cyber security technology that continually monitors an “endpoint” to mitigate malicious cyber threats), or a lack of back-ups.

The new criteria are the market’s response to soaring ransomware costs. By Aon’s calculations, there has been a 323% increase in ransomware claims frequency from the first quarter of 2019 to the fourth quarter of 2021.

“In contrast, there has been a 75% decrease in data breach privacy claims that we are seeing,” the broker said.

The ongoing Russia-Ukraine conflict has also raised fears of a new wave of cyber attacks. In 2017, the Not­Petya ransomware was used by Russia to target Ukraine, which had a massive impact on companies around the world including WPP, pharmaceutical company Merck, Danish shipping firm Maersk and many others.

On March 28, US president, Joe Biden, said US businesses have a “patriotic obligation” to protect themselves from cyber attacks. Businesses must “harden [their] cyber defences immediately”, he said.

A recent study showed cyber attacks and data loss are the top risks facing company directors with cyber extortion and the growth of ransomware attacks a leading concern.

Some two-thirds of respondents to the survey of company directors around the world said cyber attack is very significant or extremely significant risk. A similar proportion said the same of data loss.

Around six out of 10 feared cyber extortion and around half were concerned about regulatory risk, the survey by WTW and Clyde & Co found.

In response to this more recent conflict, Aon has seen carriers bring in updated war and terrorism exclusions, sanctions exclusions and geographically specific exclusions.

“I believe the bar has been massively raised for insurability,” Alistair Clarke, Aon’s UK cyber broking leader, said. “No client should automatically assume themselves to be insurable in this market, as perhaps was the case in the past.

“We need to show continued iterative improvements on every renewal to ensure we can have continuity of coverage,” Clarke added.

Aon’s larger clients have benefited from having a greater range of responses available to them compared with smaller insureds.

“While our big clients have seen big price increases in most situations, I think they generally have more levers to pull than our smaller and mid-market clients,” David Molony, head of cyber solutions for Aon’s Europe, the Middle East and Africa business, said. “Whether that is higher retention, captive involvement or in certain circumstances just buying less limit.

“The mid-market doesn’t necessarily have that level of option and doesn’t have the ability to drastically reduce the limits in this market. So I think it is enormously challenging,” he added.





Ask The Analyst

Ask The Analyst - Ask Your Question Send your question to our team of expert analysts. You can: • Ask for background information on/explanation of articles in Insurance Day * • Find out more about our views on industry developments • Ask for an interpretation of market trends • Source supplementary data relating to articles • Request explanations to further your understanding of current issues (* This relates to any Insurance Day that is included as part of your subscription) We will do the research and get back to you personally with the information you need.

Your question has been successfully sent to the email address below and we will get back as soon as possible. my@email.address.

All fields are required.

Please make sure all fields are completed.

Please make sure you have filled out all fields

Please make sure you have filled out all fields

Please enter a valid e-mail address

Please enter a valid Phone Number

Ask your question to our analysts