Cyber Insurers Can Cut Loss Ratios by 16%: Insights from Gallagher Re’s Latest Report
In an era where cyber threats loom larger than ever, a new report from Gallagher Re has unveiled a compelling strategy for cyber insurers: by identifying and removing the most-at-risk entities from their portfolios, insurers could potentially reduce loss ratios by up to 16%. This groundbreaking study, which combines independent cybersecurity performance data from Bitsight with claims data, offers a wealth of insights for both insurance companies and enterprises alike.
Understanding the Study’s Findings
Ed Pocock, the global head of cybersecurity at Gallagher Re, emphasizes the significance of the study, stating, “This study provides clear, actionable insights for both insurance companies and enterprises on the efficacy of security controls.” The research establishes a direct correlation between weak cybersecurity measures and increased insurance claims, while also suggesting additional strategies for insurers to more accurately assess an organization’s cyber risk.
The report leverages a comprehensive analysis of cybersecurity performance data, revealing that traditional assumptions about risk—such as larger firms being inherently more vulnerable—are overly simplistic. Instead, the study highlights a complex interplay of factors that determine which organizations are most likely to be targeted by cyberattacks.
The Role of Cybersecurity Scanning
Since the early 2010s, cybersecurity firms have been employing remote scanning techniques to evaluate companies’ resilience against cyber threats. Recently, cyber insurers have begun to incorporate these assessments into their underwriting processes. By analyzing firmographic data (such as industry, revenue, and geography) alongside the technographic data these scans produce, insurers can gain a clearer understanding of potential risks.
The Gallagher Re model indicates that the worst 20% of companies identified through technographic data were 3.17 times more likely to suffer a claim than the best 20%. When firmographic data was included, this figure increased to 6.93 times. This stark contrast underscores the importance of a multifaceted approach to risk assessment.
IPv4 Data: A New Risk Predictor
One of the most intriguing findings of the report is the introduction of IPv4 data as a key risk predictor. In a previous study, Gallagher Re identified company revenue as the strongest predictor of claims. However, the new report reveals that the number of IPv4 addresses—essentially an organization’s cyber footprint—ranks as the second-highest predictor of cyber risk.
Interestingly, the correlation between company size and the number of IPv4 addresses is not always straightforward. Some large companies may have fewer IP addresses, suggesting that traditional analyses could misclassify their risk levels. By incorporating IPv4 data, insurers can offer more nuanced assessments, potentially allowing larger companies with fewer IP addresses to benefit from lower premiums.
The Importance of Single Point of Failure (SPoF) Data
Another critical aspect of the study is the use of Single Point of Failure (SPoF) data, which helps insurers evaluate their exposure to specific services and vendors across their portfolios. This data is essential for identifying aggregation points and modeling potential risks. However, Gallagher Re notes that the SPoF dataset is still in its developmental stages, leading to inconsistencies in how different cybersecurity vendors capture and process this information.
Despite these challenges, the integration of SPoF data into risk assessments can significantly enhance insurers’ understanding of their portfolios. By identifying dependencies on external services, insurers can better predict potential vulnerabilities and adjust their underwriting strategies accordingly.
Key Cyber Risk Factors
The 2024 study analyzed a dataset comprising over 62,000 companies across 67 countries, encompassing more than 589 million IP addresses and over a thousand material claims. The findings reveal that while certain risk factors remain consistent across revenue bands, others vary significantly depending on the type of cyber event.
For instance, factors like DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) were particularly effective in predicting business email compromise claims. Meanwhile, patching cadence emerged as the strongest predictor of ransomware loss. The study also highlights the evolving nature of cyber risks, with factors related to hybrid or remote work environments gaining prominence since 2022.
Conclusion: A Path Forward for Cyber Insurers
The insights gleaned from Gallagher Re’s report present a transformative opportunity for cyber insurers. By leveraging advanced data analytics and incorporating a broader range of risk factors—such as IPv4 data and SPoF analysis—insurers can refine their underwriting processes and enhance their ability to predict claims.
As the cyber threat landscape continues to evolve, the ability to identify and mitigate risks proactively will be crucial for both insurers and the organizations they cover. By focusing on actionable insights and data-driven strategies, the insurance industry can not only improve loss ratios but also contribute to a more resilient cybersecurity ecosystem.
In a world where cyber threats are increasingly sophisticated, the findings of this report serve as a timely reminder of the importance of vigilance, adaptability, and informed decision-making in the realm of cyber insurance.