Tech

Government Accountability Office highlights rising cost of cyber insurance

The agency finds also that insurers are offering lower coverage limits and have limited historical loss data.

May 21, 2021

The facade of the GAO building in downtown Washington, D.C. (Cory Doctorow/Flickr)

The U.S. Government Accountability Office (GAO) highlighted the rising cost of cyber insurance in a new report assessing challenges faced by the private market in mitigating cyberattacks.

In its study published Thursday, the agency said that according to industry sources, rates have surged. It also cited a recent insurance broker survey, which found that premiums for more than half of clients rose by 20% to 30% in late 2020.

“After holding relatively steady in 2017 and 2018, cyber insurance premiums increased markedly in 2020,” the agency said in its report. “Higher prices for cyber insurance have coincided with increased demand for the product and higher insurer losses from increasingly frequent and severe cyberattacks (particularly ransomware attacks that block users from accessing systems or data until a ransom is paid).”

GAO has studied the private cyber insurance market in response to new requirements included in the National Defense Authorization Act for the fiscal year 2021.

Most publicly listed companies purchase standalone cyber coverage as part of their risk management operations, as do some public sector entities such as state governments and agencies.

The report found also that insurers are offering lower coverage limits, and noted that insurance companies have limited historical data on most losses.

Insurance companies are offering lower coverage limits and increasingly encouraging clients to purchase specific, standalone cyber policies. Previously, many insurers have offered cyber coverage as an optional add-on to other types of policies, such as property insurance.

This has created aggregation risk for the insurance market, which is known as “silent cyber.”

According to GAO, the language used in cyber policies also often lacks common definitions.

Cyber insurance companies’ appetite for writing policies for public sector entities has declined substantially in recent months, following a slew of high-profile attacks, including attacks against Texas’ Department of Transportation and state court system.

Government Accountability Office highlights rising cost of cyber insurance

More Like This

SSA database to flag synthetic identity fraud has cost issues, GAO finds

Government websites aren’t created equal. GSA’s 10x program aims to change that

GAO finds spotty agency compliance with IDEA Act requirements

Top Stories

Data, talent, funding among top barriers for federal agency AI implementation

Announcing the 2024 FedScoop 50

House Republicans probe NIST on facial recognition for federal digital identity verification

White House’s final ‘Trust Regulation’ aims to bolster confidence in federal statistics

CISA official: AI tools ‘need to have a human in the loop’

Login.gov announces availability for facial recognition technology

More Scoops

AI algorithms could be used to better forecast natural disasters, GAO report says

Only 3 agencies have hit deadline for cyber event logging standards, GAO finds

Financial regulators have work to do on developing and tracking fintech skills of staff, watchdog says

Energy Department failing to monitor user activity on classified networks, GAO finds

Watchdog calls on DHS to clarify when tech acquisitions require cyber risk assessments

Treasury seeks industry input on cyber insurance market support measures

Coast Guard needs to improve its cyber workforce says watchdog

Latest Podcasts

A look at next week’s hearing on unidentified anomalous phenomena

Login.gov launches facial recognition option; the White House issues final Trust Regulation

HHS is working on a new AI strategic plan; Budget woes for government’s science and technology efforts

Meet the winners of the 2024 FedScoop 50; And, how the DOE sees itself counteracting the AI industry’s ‘profit motive’

Tech

Defense

Cyber

FedScoop TV