You are here

Cyber insurance rates fall with lull in major hacks

[NEW YORK] A lull in high-profile data breaches prompted insurers to cut cyber insurance rates for high-risk businesses such as retailers and healthcare companies during the first three months of this year, according to insurance industry brokers.

The dip comes after sudden rate hikes for many firms last year in the wake of a spate of attacks on Home Depot Inc, Target Corp, Anthem Inc and others.

The average price companies in high-risk industries paid for US$1 million in cyber insurance coverage fell 13 per cent to US$18,756 in the first three months of 2016, according to broker Marsh, a unit of Marsh & McLennan Cos Inc.

It said the average premium rose 28 per cent last year to US$21,642 for comparable buyers in industries such as retail and healthcare. "Pricing has stabilized," said Marsh cyber insurance executive Robert Parisi.

Market voices on:

"There is only so far things can go before people choke and say 'I've had enough.'" Ben Beeson, an executive with broker Lockton Cos, said he has seen a "leveling off" in pricing with his clients, following steep price hikes in response to attacks.

Recent breaches have led to big payouts from insurers, including US$90 million of Target's breach-related costs and US$100 million for Home Depot. "We haven't had too many Targets or Home Depots recently," Beeson said.

Kevin Kalinich, global cyber practice leader with Aon Plc's Aon Risk Solutions unit, warned that average pricing does not tell the full story. "Pricing varies dramatically," he said, noting that some clients who locked in rates before last year's steep increases could see big hikes when they renew.