Cyber risk cover is a necessity

     

Mr. Kushagra Jajoo

Magma HDI General Insurance Company Limited

Cyber risk has consistently featured amongst the top three risks in line with the global trends. Cyber-attacks in India rose by around 200% in 2020, to 1,158,208 from 394,499 in 2019, according to Indian Computer Emergency Response Team (CERT-In) data. Cyber risks continued to remain at elevated levels in 2021, with more than 600,000 cyber security incidents being reported in the first six months of the year alone. India is among the most impacted countries due to cyber incidents, and organizations across sectors have been affected.

Year-on-year, the Indian liability market has seen growth, and 2021–22 was no different. The liability market has grown from USD 421 million to USD 560 million, which is a growth of approximately 33%. While the exact data is not available, out of experience, it can be concluded that the cyber insurance market in India has seen significant growth due to rising demand and growing awareness.

 Cyber insurance has a huge potential for mitigating cyber losses. The frequent and severe cyberattacks have led to a high demand for cyber policies. A lot of companies are now buying cyber insurance, which was not the case two years ago. Now, awareness has gone up substantially. As several insurance companies are providing cyber policies that cover corporate exposure and can protect the entire family against damage to e-reputation, they play a significant role in protecting against cybercrime.

Organisations in IT/ITES, manufacturing, e-commerce, BFSI, fintech, and managed service provider sectors have been particularly targeted by malicious threat actors in recent times. These industries constitute the primary drivers of cyber insurance business in India, with other sectors increasingly considering cyber insurance. There has been an average 60% rise over prior years in the number of inquiries, largely driven by proactive risk transfer considerations and contractual requirements.

Cyber insurance policies have paid out significant costs related to incident response, ransom demands, and business interruption losses caused by a breach incident so far. The extent of losses has resulted in underwriters reexamining how they price risks and has caused a substantial premium hike, coverage restrictions, an increase in retentions/deductibles, sub-limits to ransomware/cyber extortion, the application of coinsurance clauses, and capacity restrictions.