Cybersecurity is not a new thing to most people. From the dawn of the internet in the early 1980s to the latest technological advances made with smartphones, internet banking, home security units, and the like, there have always been chancers who have found ways to hack into systems, whether intentionally or unintentionally, and these attacks are only on the rise.  

Norton security, the American anti-virus/anti-malware software company, reports an average of approximately 2,200 cyber-attacks a day, totalling about 800,000 people victims of hacking per annum. The 2021 Cyber Security Breaches Survey says that two in five businesses reported a cyber-attack within the previous twelve months. Furthermore, only roughly half of the organisations who completed the survey had investigated ways to help minimise risks within the past twelve months. 

Attacks can be detrimental to business, as was the example of one such incident on the European Banking Authority that resulted in the entire e-mail system taken offline. Some Intel and AMD microprocessors were found to be vulnerable to a recently uncovered theoretical performance attack that can covertly leak password data and other sensitive material. In the United States of America (USA), the FBI's Internet Crime Complaint Centre (known as IC3) received nearly six million complaints with reported losses at over USD 4mn (four million).

With these threats, one wonders what the impact on insurance markets will be. 

It has been proposed in the USA that the burden of proof be on policyholders to show that they have the controls in place that they state they have, to try and mitigate the risk using the proper documentation. Furthermore, catastrophe coverage will potentially be written as an exclusion.

According to the Cyber Security Insurance Market report, cover has been increasing steadily and is expected to continue growing. It is thought that global cyber security cover is a larger market than within the UK however the market is growing, and the UK is writing a large amount for cyber cover for non-UK businesses. With the ever-increasing number of attacks, there is potential that insurance premiums could increase to cover the insurers' risk when offering cover, with perhaps more insurers/countries taking a similar stance to the USA when it comes to the burden of proof.