The increase in the volume of premiums in the field of cyber insurance in the Russian Federation for 2023 amounted to about 80%

The increase in the volume of premiums in the field of cyber insurance in the Russian Federation for 2023 amounted to about 80%

In 2023, insurance companies developing the direction of covering losses from the consequences of cyberattacks increased the collection of insurance premiums for a relatively new service by 80%, up to 1.3 billion rubles, Kommersant writes. Most often, such programs are bought by large clients from the banking sector or industrial enterprises — as a rule, from the PE and metallurgy industries, explained Oleksiy Nazarov, vice-president and director of the non-banking services development department of PSB. According to him, the packages may include a cyber audit — a security check of IT systems.

There are also inexpensive solutions for small and medium-sized businesses on the market, which allow you to get insurance against cyber incidents, mainly related to the consequences of DDoS attacks (attack on the server). However, they do not provide protection against all current cyber threats. “Cyber ​​insurance in Russia remains a highly specialized product,” Nazarov admits. According to “Expert RA”, in general, the insurance market in Russia grew by 15-16% by the end of 2023, and the volume of premiums amounted to about 2 trillion rubles.

“We are observing an increase in demand for cyber risk insurance by an average of 20% per year – they mean the number of companies willing to buy a policy,” TSK Insurance House notes.

According to Zetta Insurance, the number of new requests for cyber risk insurance increased by 1.5-2 times during the year. The demand is directly proportional to the increase in incidents of data leaks and hacker attacks, according to the company. In 2023, Roskomnadzor discovered 168 leaks (140 in 2022).

“Rosderzhstrakh” notes the demand primarily from the banking sector and telecommunications companies, which “today are more prone to attacks”, admitting that it has not yet become “significant for the market” in the Russian Federation.

Commercial director of BI.ZONE Konstantin Levin notes several key problems of the segment. First of all, in addition to the insurer and the customer, a third party is needed to conduct an analysis of the client’s situation, but these procedures, he notes, have not been worked out, and there are no evaluation criteria. Secondly, the expert clarifies, there is no specific regulation.

From the end of 2022, cyber insurance is being discussed as one of the mandatory conditions for regulating the responsibility of companies for information security. As Artem Sheykin, Deputy Chairman of the Council for the Development of the Digital Economy at the Federation Council, explained, the idea is to create a mechanism for mandatory financial assurance of the responsibility of operators of personal data for leaks.

The Central Bank of Ukraine specified that the creation of a cyber risk insurance institute is one of the tasks defined in the regulator’s work plan until 2025, however, “insurers must have sufficient experience to establish uniform requirements for such an insurance product.”

Related posts