Current Cyber Threat Scenarios Observed in Europe
Business Email Compromise (BEC) remains the most prevalent threat to European companies. Malicious actors gain control over email accounts to manipulate employees or business partners, posing serious repercussions. Ransomware continues to be the most financially damaging, encrypting systems to demand a ransom. Furthermore, infostealer malware is an evolving danger, stealing passwords and granting attackers undetected access to corporate accounts. These attacks are continually advancing, largely due to the integration of artificial intelligence (AI).
Impact of Geopolitical Changes
We are witnessing the formation of new alliances among attackers and an increased focus of Russian cyber resources targeting Europe, aiming to sow discord and insecurity. Espionage activities are on the rise, with cyber criminals finding new patrons in authoritarian nations. Companies must take these developments seriously. Concurrently, the demand for European-made cyber protection is growing. As a BSI-qualified provider against advanced persistent threats, we are highly sought after by both companies and government entities.
Cyber Insurance and IT Insurability
Contrary to the GDV’s assertion that many firms are uninsurable due to their IT infrastructure, we disagree. Many businesses have strategically invested in cybersecurity, a trend that is ongoing. As IT security improves, so does the insurability of risks. Currently, we are experiencing a soft market in cyber insurance, characterized by lower prices and insurers willing to cover previously ignored risks. However, given the current threat landscape, it is unrealistic to think this won’t lead to higher claims figures.
The Role of New Providers in Cybersecurity
There is significant innovation and dynamic offerings in the market. Cyber represents one of the few areas where InsurTechs currently have opportunities for both customers and investors. New entrants like Coalition, Baobab, and Stoik employ technologies such as surface scans to assess a company’s cyber risk during sales and application processes. This approach promotes active insurance and reduces entry barriers for brokers and clients. Depending on how scan results are utilized, providers can substantially mitigate cyber risks through technology, extending beyond traditional cyber offerings.
Eye Security’s Position Among Innovative Cyber Providers
We focus on cybersecurity from a protective standpoint, actively defending companies against cyber risks before covering residual risks with insurance offered through our underwriting agency. The Security Operating Centre (SOC) is a highly effective solution, likened to the Iron Dome by one of our broker partners. While SOCs have long been used by large corporations, Eye Security has made this solution scalable and accessible to SMEs, supplementing it with insurance options.
Effectiveness of Coverage Concepts with Technical Protection
Based on media reports, the loss frequencies and rates of tech insurance companies are encouraging, supporting the approach. Eye Security’s metrics are similarly positive. We have been in the market for over four years, protecting more than 700 SMEs and public authorities. Despite the frequent targeting of our clients, our software and security experts have successfully detected, isolated, and neutralized threats, resulting in no claims thus far. We are experiencing more partnership requests from insurers than we can accommodate.
Collaborations with Insurers
In Germany, we collaborate with Chubb, Ergo, and Lloyds Hamilton.
Brokers and Cyber Insurance
Since the inception of cyber insurance in Germany, brokers have significantly evolved. We’re consistently impressed by the expertise of our broker partners, who have heavily invested in technical knowledge and understand the nuances of technical cybersecurity solutions. Some brokers can even articulate technical concepts like SOCs. Brokers are expected to provide ‘best advice,’ moving beyond simply comparing terms and conditions to acting as risk managers, helping clients protect against cyber threats. Failing to do so may allow other service providers, such as IT system houses, to fill the gap. The proactive approach many brokerage firms have taken is commendable.
Is This True for All Brokers?
No, there’s considerable variability in cyber expertise among brokers. This is not problematic if a brokerage firm consciously decides to not build extensive expertise in-house but instead leverages services from entities like Cyberdirekt, Finlex, or IT security providers. Many examples show this strategy works well. However, it is concerning when even larger brokerages neglect cyber issues. It raises questions about their proximity to their clients and understanding of their risks.
Characteristics of a Strong Cyber Broker
The main challenge in selling cyber insurance is alleviating sales staff’s hesitation to approach clients. Many account managers, comfortable with traditional products, are intimidated by cyber’s complexity and fear specific customer queries. A strong cyber broker addresses this challenge through either in-house expertise or strategic partnerships, integrating experts with sales. New underwriting agents also tackle this issue by simplifying entry into cyber sales. Nevertheless, the simplest product isn’t always the best fit for a client’s specific cyber risk profile. Best advice encompasses more.
Future Outlook
I anticipate a hardening of the cyber insurance market in the next 12 to 18 months. The geopolitical polarization is exacerbating the threat environment, leading to an increase in attacks and incidents, including more fraud and espionage. Therefore, it is more crucial than ever to effectively protect companies from cyber risks.
