Skip to content ↓ | Skip to navigation ↓

The global cyber insurance market is expected to triple in size, reaching an estimated $7.5 billion in annual premiums by the year 2020, according to a new research study from PwC.

The report, titled “Insurance 2020 & beyond: Reaping the dividends of cyber resilience,” states that 71 percent of insurance CEOs, 79 percent of banking CEOs, and 61 percent of business leaders across all industries see cyber attacks as a threat to growth.

Respondents also ranked cyber attacks as a greater threat than shifts in consumer behavior, the speed of technological change and supply chain disruption.

Furthermore, PwC’s annual survey of security, IT and business executives found that there were nearly 43 million global security incidents detected in 2014 – an equivalent of more than 100,000 attacks a day.

“Boards are coming to realize the need for safeguards against the most damaging cyber attacks,” read the report.

“Cyber insurance is one risk transfer option. Yet, while many insurers have eagerly embraced the revenue growth opportunities opened up by cyber insurance products, others believe that this is too big a risk for them to take on.” 

The report highlights that incidents are significantly more costly for large organizations, with average financial losses due to security incidents totaling $5.9 billion in 2014. For medium-sized organizations, security incidents resulted in a $1.3 million loss last year, while small businesses lost less than $500K.

Screen Shot 2015-09-14 at 12.24.50 PM
Source: PwC

“As recently as 15 years ago, cyber-attacks were fairly rudimentary and typically the work of hacktivists, but with increasing interconnectivity, globalization and the commercialism of cyber-crime, there has been an explosion in both frequency and severity of attacks,” Chris Fischer told TeckWeekEurope, CEO of Allianz Global Corporate & Strategy, a global insurance company.

Nonetheless, Fischer notes cyber insurance is no replacement for robust IT security, but rather creates a second line of defense to mitigate cyber incidents.