The future of the life insurance industry will be shaped by a range of disruptive themes, with cybersecurity being one of the themes that will have a significant impact on life insurance companies. A detailed analysis of the theme, insights into the leading companies, and their thematic and valuation scorecards are included in GlobalData’s thematic research report,Cybersecurity in Insurance – Thematic Research. Buy the report here.
Cybersecurity revenues in the insurance sector will grow at a compound annual growth rate (CAGR) of 11% between 2020 and 2025, according to GlobalData forecasts. The sector’s rapid digital transformation will drive this growth. The rise in complex ransomware attacks, the persistence of hybrid working models, ongoing supply chain threats, and the Russia-Ukraine war have all accelerated the need for robust cybersecurity defences across sectors, including insurance.
Covid-19 led to more customers accessing their accounts digitally and insurers selling through digital channels, increasing the sector’s cyber risk. In 2021, leading financial institutions AXA, Tokio Marine, CNA Financial, and Banco Pichincha were hit by cyberattacks. There are also fears that the Russia-Ukraine war may give rise to state-sponsored attacks that target critical infrastructure, military operations, and businesses. Such attacks could not only target insurers but could lead to expensive payouts and damage the reputations of those reluctant to pay.
The pandemic accelerated the need for cyber insurance, but insurers are yet to translate this into improved penetration rates. With the cost of cyber insurance rising to reflect increased cyber risk, policy uptake fell between 2019 and 2021 as many SMEs sought to cut costs. AXA’s decision to stop writing cyber policies that reimbursed ransom attacks may encourage other insurers to follow suit and rethink their risk exposure, forcing businesses to strengthen their cybersecurity frameworks in case of a ransom attack. Some insurers, such as Hiscox, are educating their clients on identifying and mitigating cyber risks to reduce the chance of a human error-induced breach.
However, not all companies are equal when it comes to their capabilities and investments in the key themes that matter most to their industry. Understanding how companies are positioned and ranked in the most important themes can be a key leading indicator of their future earnings potential and relative competitive position.
According to GlobalData’s thematic research report, Cybersecurity in Insurance, leading adopters of cybersecurity in the life insurance sector include: AIG, Allianz, Aviva, Chubb, Hiscox, Marsh, Munich Re, Ping An, Swiss Re, Travelers and Zurich Insurance.
Insights from top ranked companies
AIG’s information security approach features intelligence-driven risk management, data and identity access management, and workforce training and awareness. It has partnered with the National Cybersecurity Alliance to recognise Cybersecurity Awareness Month every October with resources that reinforce a strong cybersecurity culture among its workforce, disseminating best practices and online safety guidelines. In June 2021, it formed CyberAcuView with other leading cyber insurers, a company aimed at mitigating cyber risk in the insurance industry. Also among the consortium are Chubb, The Hartford, and Travelers. AIG can provide businesses with its standalone CyberEdge policy, or its cyber insurance can be endorsed onto select property and casualty or financials lines. It is the second-largest standalone cyber insurance provider in the US, generating $2.3bn in direct written premiums in 2019, according to the National Association of Insurance Commissioners (NAIC). In 2017, it partnered with CrowdStrike and Darktrace to launch CyberMatics, a cybersecurity model that evaluates clients’ cyber risk scores.
Chubb uses various information security tools to protect its systems, including encryption, firewalls, and intrusion detection and prevention systems. Its information security team monitors networks for anomalous activity. Chubb’s expertise in the liability insurance market has enabled it to become a leader in cyber insurance. In 2021, Chubb was both the cyber insurance underwriter with the largest market share (10%) and the largest writer of package cyber coverage (28%), according to a report by Fitch Ratings. In June 2021, it formed CyberAcuView with other leading cyber insurers, a company aimed at mitigating cyber risk in the insurance industry. Also in the consortium are AIG, The Hartford, and Travelers.
Ping An Insurance
Ping An Annuity launched a smart annuity service using facial recognition technology. The service enables Ping An Insurance customers to collect their annuity payments efficiently and securely using facial recognition, digital signatures, and data analytics. The service automatically completes the filling and handing of all documents, provides customers with online access to their annuity information, and enables them to track the retrieval process. In 2019, Ping An Insurance Technology and the Hong Kong government announced a partnership to implement e-IDs for all Hong Kong residents, enabling them to conduct online transactions via unique electronic identification while providing electronic infrastructure for the country’s smart city project.
To further understand the key themes and technologies disrupting the insurance industry, access GlobalData’s latest thematic research report on Cybersecurity in Insurance.
Frequently asked questions
1. Why are Insurance companies investing in cybersecurity?
Insurance companies are investing in cybersecurity to protect themselves and their customers from cyber threats. With more employees working remotely and various endpoints needing protection, insurers should prioritize network security, endpoint security, and cloud security. Awareness of developments in these areas can also inform cyber insurance policies. Insurers must also invest in threat detection and services to secure systems and applications.
2. How do cyberattacks impact the Insurance industry?
Cyberattacks on insurance companies can have profound implications on their reputations and trust. Insurers hold highly sensitive customer data, making them a prime target for cybercrime. Security breaches could lead to financial losses and legal liabilities. Cyber accumulation risks are also present, where a single event generates a widespread impact on thousands of businesses at once.
3. Which Insurance companies are leaders in cybersecurity adoption?
Leading adopters of cybersecurity in the insurance sector include AIG, Allianz, Aviva, Chubb, Hiscox, Marsh, Munich Re, Ping An, Swiss Re, Travelers, and Zurich Insurance.
4. Who are the leading vendors of cybersecurity to the Insurance industry?
Leading cybersecurity vendors in the insurance sector include Blackberry, Broadcom, CyberCube, FireEye, Portnox, and SecurityScorecard. Leading cybersecurity vendors include Accenture, Alphabet, Check Point, Cisco, CrowdStrike, Darktrace, Dell Technologies, Fortinet, IBM, Microsoft, Palantir, and Palo Alto.
5. How does increased investment in cybersecurity benefit Insurance companies?
Increased investment in cybersecurity can benefit insurance companies by protecting them and their customers from cyber threats, reducing the risk of financial losses and legal liabilities, and improving their reputation and trust. It can also inform cyber insurance policies and lead to improved penetration rates.
6. What are the challenges with adoption of cybersecurity in Insurance?
The challenges with adoption of cybersecurity in insurance include legacy systems employed by insurance firms that may prove ineffective at securing against breaches, as malicious actors evolve faster than legacy technology. Cyber accumulation risks are also present, where a single event generates a widespread impact on thousands of businesses at once. The COVID-19 pandemic instigated a digital shift that led more customers to access their insurance digitally, which is problematic for legacy insurers with limited digital and cybersecurity frameworks.
7. What is the projected market size of cybersecurity in Insurance?
GlobalData projects the market size of cybersecurity in insurance to grow at a CAGR of 10.7% between 2020 and 2025, driven by rapid digital transformation.
8. Which Insurance companies are laggards in cybersecurity adoption?
Insurers that have failed to update and maintain robust cybersecurity frameworks and strategies and have suffered recent serious data breaches include Arthur J. Gallagher, Humana, Metromile, Next Insurance, and Oscar Health.
9. What are the components of the cybersecurity value chain?
The components of the cybersecurity value chain include hardware, software, and services such as unified threat management, vulnerability management, application security, managed security services, risk and compliance services, post-breach response services, chip-based security, identity management, data security, email security, network security, threat detection and response, cloud security, and endpoint security.