Insurers and asset managers continue to invest in longer term cybersecurity planning: Moody’s

A vast majority of insurers and asset managers are continuing to invest in longer term cybersecurity planning and have put in place advanced cybersecurity protection, a new report from Moody’s Ratings reveals.

According to Moody’s, these efforts reflect the growing frequency and sophistication of cyberattacks, as well as increased regulatory expectations regarding cyber resilience.

The agency noted, that take up of cyber insurance within these two sectors varies by region and is highest in the Americas.

In another recent report from the agency, Moody’s explained that the cyber insurance market is poised for significant growth over the next several years as cyberattacks continue to grow in number and sophistication.

According to a cyber survey from Moody’s of 110 companies comprised of insurers and asset managers, respondents’ total investment in cybersecurity rose by more than 50% between 2019 and 2023.

This sharp increase comes in response to more frequent and cyberattacks globally and growing regulatory requirements regarding cyber resilience and disclosure. Organisations across the Americas – which account for a large majority of such attacks – reported a 65% increase in cybersecurity spending, while organisations in the Europe, the Middle East, and Africa (EMEA) region saw a 51% rise, followed by those in the Asia Pacific (APAC) region, with growth of 48%.

As well as this, the share of total IT budgets devoted to cyber risk increased to 8% in 2023 from 5% in 2019. In fact, this allocation has grown across all regions over the last five years, led by APAC, where it rose to 10% from about 4%.

Moody’s explained that APAC has become “increasingly attractive” to cybercriminals, due to the region’s rapid digital
adoption often outpacing the implementation of necessary security measures.

Meanwhile, increased cybersecurity spending has allowed businesses to further expand and bulk out their in-house cyber expertise, with the number of cybersecurity employees rising by about 23% between 2019 and 2022.

Moody’s survey also shows that the use of standalone cyber insurance among insurers and asset managers remains high, despite its higher cost and a decline in typical cyber insurance limits.

Roughly 78% of respondents have cyber insurance coverage. Whereas, standalone cyber insurance coverage remain most prevalent in the Americas, where it is used by 94% of respondents, which compares with 55% in EMEA and 29% in APAC.

It’s also important to highlight, that cyber insurance premiums rose steeply between 2020 and 2022, with insurers, brokers and asset manager respondents reporting double-digit increases or higher. However, despite higher premiums, almost 85% of surveyed businesses said they planned to keep their insurance coverage unchanged in the next twelve months, while 13% said they aimed to increase it.

Furthermore, Moody’s notes that the ultilisation of cloud services is likely to grow further, as more insurers and asset managers have been gradually shifting IT workloads to private and public cloud infrastructure.

Around 65% of the respondents’ IT infrastructure remains on site and respondents aim to reduce this figure to 55% within the next year.

The post Insurers and asset managers continue to invest in longer term cybersecurity planning: Moody’s appeared first on ReinsuranceNe.ws.