By Manoj Rane, Senior Vice President Placement & Underwriting (Liability Lines), Alliance Insurance Brokers
Cyber insurance is a fast-growing segment within the Indian insurance industry. According to recent reports, the domestic cyber insurance market is currently valued at a modest USD 50-60 million but is poised for significant growth. The sector has shown a robust CAGR of 27-30% over the last three years and this upward trend is expected to continue in the coming years.
With rapid digitization in sectors like finance, banking, healthcare, IT, pharmaceuticals, e-commerce, manufacturing and in sectors integrated into holistic economic sectors like retail and supply chains, the need for cyber insurance in the country will increase in the coming years. Since these sectors are among the early adopters of cyber insurance, there will be even more sectors opting for cyber insurance to protect their data in the coming years.
The vulnerability of the healthcare sector to cyberattacks was highlighted in 2023 when AIIMS Delhi fell victim to a cyberattack that resulted in server outages and disruption of critical healthcare services. This incident underscored the urgent need for robust cybersecurity measures to protect sensitive patient data. The potential compromise of patient information during the attack underscored the severe consequences of such breaches.
In India, the development of the cyber insurance market is determined by three key factors: the increasing digitalization in companies, government efforts towards digitalization and stricter cyber laws as well as the increasing intensity of competition due to the market entry of technology giants and multinational companies.
Therefore, it is important for businesses today to understand the basic benefits of cyber insurance. First and foremost, it covers first-party losses resulting from data breaches, including data destruction, hacking, extortion and theft. In addition, policies often include coverage for legal costs incurred following a cyber incident. While specific coverage may vary by provider and plan, the core areas typically covered by cyber insurance include:
Costs for customer notification: In the event of a data breach in which personal information is lost or stolen, companies are legally required to notify affected customers. This process can be costly and time-consuming. Cyber insurance policies often include coverage to help companies offset the costs associated with customer notification.
Ransomware attacks, in which cybercriminals encrypt an organization’s data and demand a ransom for its release, pose a significant threat. Cyber insurance policies can provide financial protection to cover ransom payments. However, it is important to note that government agencies often discourage paying ransoms, as it can encourage additional cybercriminals to engage in further activity.
Insure legal assistance: Cyber insurance policies often cover legal costs incurred due to breaches of data protection policies or regulations following a cyberattack. In addition, these policies can help fund the hiring of cybersecurity experts or computer forensics experts to investigate the incident, recover compromised data, and take steps to prevent future attacks.
Restoration of identity: Cyber insurance policies also often cover identity restoration services. This benefit allows organizations to help affected customers recover their personal identities after a data breach.
Data recovery is often covered by cyber liability insurance and provides financial protection to businesses when recovering data damaged in a cyberattack. Insurance also covers the cost of repairing computer systems damaged in a cyberattack.
As the world moves more towards data and technology and our identities become synonymous with our mobile numbers, cyber protection is the next step for all individuals and businesses. There will come a time when countries will need to be protected from cyber terrorism and insurance will play a paramount role in this. As data usage increases, the risk of cyber attacks on applications, devices, networks and users increases, which has a significant impact on businesses, from loss of customers to reputation and revenue losses.
It’s high time that companies understand that cyber insurance is no longer an expense, but a strategic investment. The dynamic cyber insurance industry and its vast range of coverage are designed to address today’s increasing cybercrime. And companies must see the right protection through cyber insurance as crucial.