cyber insurance premiums stay sticky despite claims

see also: LLMs · Model Behavior

Despite a mild decline in ransomware payouts, underwriters report persistently high loss ratios, so premiums remain elevated and new entrants avoid the market (Reuters).

scene cut

Carriers point to large-scale breaches (Okta, ForgeRock) that still cost hundreds of millions. The stickiness stems from reinsurance prices that won’t fall until a clear risk reduction trend emerges.

signal braid

• The insurance view connects to the crypto crime data from chainalysis 2023 crypto crime report and the Okta supply chain note okta breach fallout highlights identity fragility.
• High premiums push companies to self-insure, ironically raising risk concentration.
• The lack of down cycle in premiums mirrors the slow-moving chip inventory issue from chip inventory rebuild keeps fabs patient.

risk surface

• Firms lacking coverage now rely on incident response retainers, which may not pay complex ransom demands.
• New regulation could force insurers to hold more capital, leaving even higher prices.

my take

I now assume cyber insurance is a baseline cost rather than a hedge—budgets must allocate for it regardless of loss experience.

linkage

linkage tree

• tags
  • #security
  • #insurance
  • #2023
• related
  • [[chainalysis 2023 crypto crime report]]
  • [[okta breach fallout highlights identity fragility]]
  • [[chip inventory rebuild keeps fabs patient]]

ending questions

What third-party controls would convince insurers to cut prices again?