The threat of a data breach has risen across all industries in recent years, and the cost of insurance plans to protect against cyberattacks along with it. Cyber insurance costs for financial advisors, broker-dealers and others in the financial services sector have been especially high.

Financial services had the second highest annual cyber insurance premiums by industry in 2021, averaging $2,429 for $1 million in cyber liability coverage, according to a report by business resource firm AdvisorSmith Solutions.

Direct-written premiums collected in 2021 by the largest U.S. insurance carriers rose by 92% year-over-year, according to the National Association of Insurance Commissioners.

And there is evidence that those costs are justified. At least 2.8 billion malware attacks, for example, were recorded in the first half of 2022, an increase of 11% over the previous 12 months, and the first climb in global malware volume in over three years, according to data from cybersecurity company SonicWall.

Advisor Group has aimed to offset the cost of rising insurance premiums for firms on its network, according to Clayton Chandler, chief security, privacy and data officer at the firm, noting that he sees this as a service the firm provides their independent advisors.

“When you're facing something like this 2021 to 2022 transition, where frankly costs — not just advisors, specifically, but just across the board in financial services — you saw cost increases of 80 to 100%,” Chandler said. “What can we do to bear some of that for our advisors? Can we absorb some of that cost and make it a bit more tolerable?”

Advisor Group not only maintains a cyber insurance policy for its home office, but also for its advisors to cover costs such as forensic support and identity protection in the event of a data breach, according to Chandler.

“I've been in many, many conversations with potential clients,” Chandler said. “And they say, ‘Look, I'm not necessarily looking to affiliate with a particular organization based on the acute financials of a particular transaction and how many pips I get on this versus that. I want to know that you're helping me protect my data, because the cost of that black swan event far outweighs the cost of a given transaction.’”

High Rate of Reinsurance

Rising premiums have, in part, been driven by the high rate of reinsurance to be able to underwrite for cybersecurity coverage, according to Thomas Johansmeyer, head of property claim services at Verisk Insurance Solutions.

“The way it works out, insurers allocate capital to different lines. Now if they were owning the risk that they write, then they would be in complete control of how much capital they allocate to the risk,” Johansmeyer said.

“The challenge here is that insurers rely heavily on reinsurance in the cyber sector. I've seen estimates that as much as 55% of what insurers write gets ceded into reinsurance, and reinsurers haven’t been growing their allocations to the cyber sector as fast as insurers would like, so this creates a further constraint on how much they can write and amplifies that scarcity issue, which could be a contributor in recent crises as well,” he added.

Digital Hygiene

While there’s a demand for cyber insurance policies to mitigate the cost of a potential cyberattack, that insurance alone should not be considered a catch all solution, according to Gary Sullivan, senior director of emerging risks at industry group American Property Casualty Insurance Association.

Digital hygiene and proper data governance practices are also key, Sullivan notes.

The cyber insurance market is still relatively new, and the insurers’ ability to underwrite for cyber risk is likely to improve overtime.

“There are cycles within markets. The cyber market is relatively young and evolving, and it is currently in a state of lower capacity. However, there is and expected to be appetite by insurers to write cyber insurance.”