Cyber Insurance Is Among The Fastest Growing Segments

What sort of growth in demand have you seen for cyber insurance in India, especially in terms of number of corporate and individual clients?

Since the onset of the global pandemic, the cyber insurance market has been extremely dynamic and volatile worldwide. With ‘work from home’ and hybrid models more in practice, the essence of a strong cybersecurity framework has emerged more than ever. This has been further fuelled by increase in cyberattacks, resulting in growing needs for cyber insurance products.

According to a report by Data Security Council of India, the cyber insurance market has witnessed a growth of 40% over the past two years in India, and continues to grow at a similar pace across the industry. Aligned to this upward market curve, at HDFC ERGO, we have witnessed a CAGR (compound annual growth rate) of 21% for our cyber insurance products in last four years.

How has the business of cyber insurance grown in terms of premium underwritten? How has the claim ratio grown?

We have seen a 100% rise in claims for cyber insurance products during FY21. Such claims were mainly from all (large, medium and small) sized companies, primarily in pharmaceutical, auto, IT, services and other manufacturing sectors.

What are the types of cyber insurance products being offered by insurers and which segments are in top demand from companies and individuals?

At HDFC ERGO, we offer cyber insurance products for both retail as well as corporate customers. We were one of the first insurers in the market to launch our corporate cyber insurance, in the year 2012. Since 2012, our book for corporate cyber insurance has grown substantially. Today, we are one of the largest cyber insurers in the Indian market.

Earlier, our clientele mainly included companies from the IT/ITES (information technology/information technology-enabled services) industry—that, too, cyber insurance was taken as a contractual obligation under their service contracts. 

But with rise in cyberattacks recently, we have seen corporates from other sectors also quickly adopting cyber insurance products. Financial institutions and healthcare lead in non-IT/ITES sectors for adoption of cyber insurance products.

The adoption of retail cyber insurance products has also been growing. However, the awareness for such retail cyber products is still low and we need to work towards spreading the awareness for such products.

What has been the intake of cyber insurance specialists? How do you see the demand and business of cyber insurance growing going forward?

It is expected that by 2026, smartphone users in India will touch 1 billion. While the digital payment systems have brought in financial inclusion and transparency, the flip side of this is rising security threats and data breaches. Apart from financial institutions, medical facilities and retail chains that are more prone to cyber threats, with the increase in digitized processes and online transactions, manufacturing companies are also exposed to huge security threats. Cybercrime can have a significant negative impact on one’s business if proper precautions are not taken to prevent it. In such a scenario, it is expected that the need for cyber insurance will grow by 30 -40% in coming years.

What kind of cyber threats are emerging and what are companies asking for when it comes to cyber insurance? Which sectors are exposed to the highest cyber risks and how much do they spend annually on cybersecurity covers?

Evolution of attacks is fast and continuously changing. Top trends in attacks are double/triple extortion, access to entire network, attack on supply chains. For years, financial sector topped the list of industries that were likely to be targeted by cyber threats. However, in the year FY22, this place was taken by the manufacturing sector and financial sector moved to No. 2 position.

Over the past few years, the top triggers under the policies have been cyber forensic costs, business interruption costs, data breaches and fraudulent funds transfer due to a cyberattack.

In 2021, the most frequent threats were compromised credentials, phishing, cloud misconfiguration, business email compromise and vulnerability in third-party software, with the most common being malware and ransomware attacks. Apart from IT/ITES, and financial institutions, we are witnessing a rise in demand for cyber insurance products from manufacturing, e-commerce, oil and gas and healthcare sectors.