US cyber-insurers are increasing premiums and lowering coverage limits, making it next to impossible to secure their 2021 coverage at 2020 rates, according to new research.

The US Cyber Market Outlook, by insurance broker Risk Placement Services, has warned that providers have been “battered by higher-than-anticipated losses” and are subsequently charging much more for less coverage. 

“Over the past year, we’ve seen the challenges of the COVID-19 pandemic and increasing frequency and severity of ransomware attacks put pressure on the U.S. cyber liability market,” stated Steve Robinson, Risk Placement Services (RPS) area president and national cyber practice leader.

“While this market dynamic developed quickly, within a matter of months, longstanding underwriting issues in this market, as well what had been a growing mismatch between exposures and underwriting, helped to create the current situation and the imbalance between coverage supply and demand.”

The education, government, healthcare, construction and manufacturing sector have been hit hard over the past year, with premiums skyrocketing by 300% or more at renewal time. 

“Insurance companies are setting IT infrastructure minimums,” explained Nick Carozza, Area Vice President, RPS. “What has been a challenge for many companies is that these controls went into effect so quickly. Many companies were caught in a situation where they didn’t have the time or the funds to implement these controls before their policy renewal date.”

Multi-factor authentication (MFA) in particular has become a must-have to quality for cyber coverage - with nearly all cyber insurance providers have adding MFA as an underwriting requirement in 2021.

”Insurance companies are incorporating the same scanning technology used by hackers into their own underwriting process. This allows them to assess an organization’s perimeter security and also develop a metric-based estimate for a potential cyber attack,” the report read.