It is time for insurance companies to sell cyber security protection

Nick Viney, SVP & general manager, partner, Avast, discusses why it's time for insurance companies to sell cyber security protection.

A growing number of people are more afraid of the potential for cyber attacks than physical crime. This is according to a survey conducted by Neighbourhood Watch and Avast. This could be an opportunity for insurers to augment their offerings to include securing homeowner and small business’s digital infrastructure.

The survey asked 28,000 members of local Neighborhood Watch groups in England and Wales, where 39% of the responses thought that cyber crime is more of a threat than physical ones, such as home burglaries. A fifth of responses admitted that they have been victims of various cyber crimes during the pandemic, and a third of this group have lost funds. For the vast majority of us, our lives have moved predominantly online. We are sharing our most valuable data more than ever before. This is borne out by several surveys, such as this one from the BBC, which show that Internet usage has more than doubled in the UK during the pandemic. The figures can be explained by increased video conferencing and streaming services.

“We’ve heard countless stories from our members about the increase in scams, phishing and hacking they’ve been subjected to, with a significant portion of our membership feeling more at risk of cyber crime than physical crime,” said John Hayward-Cripps, the CEO of the UK-based Neighborhood Watch with over 2.3M member households.

But unlike physical break-ins, cyber attacks aren’t as obvious, and that could be why the above survey saw an increase in cyber security concerns. However, other worrying trends were also observed during the pandemic. Ransomware attacks across the globe grew by 20% during the pandemic months of March and April, in comparison to January and February 2020. Even the Covid crisis didn’t prevent threat actors from attacking some of the most vulnerable targets, including hospitals, which, in at least one known case, ended fatally. Insurers have indirectly, albeit unwillingly, supported this trend by offering their customers reimbursements for ransom payments, a rather counterproductive move supporting ransomware authors, rather than protecting customers in the long run. If a customer knows they don’t have to worry about losing money by paying a ransom, why should they care about protecting themselves properly from the threat? It has therefore been a good step by global insurance firm Axa, who announced early May that they will no longer reimburse ransomware payments to their customers in France.

Insurtech disruption trends: is traditional insurance broken?

What are the main Insurtech disruption trends of 2021? In this article four of the UK’s leading insurtechs discuss the decline of traditional insurance and the rise of disruptive innovation in the sector. Read here

Besides ransomware attacks, Avast has tracked and blocked more than 3,300 malicious apps to date posing as Covid-19-related app services. In reality, these apps were mobile banking trojans or spyware. We also observed a 132% global increase (over 165,000 cases), in spyware and stalkerware downloads in January and February 2021 on the same time last year, before COVID restrictions were introduced. Therefore, it isn’t surprising that a growing number of people feel cyber crime is more of a threat than physical crime. And if the nature of crime and threats is evolving, then shouldn’t insurance products need to evolve as well?

Insurers can meet these threats by providing value add services to their customers, and by encouraging smaller businesses as well households to better protect themselves. And the insurers can offer incentives (in terms of reduced premiums, for example) if their policyholders use these cyber security services and devices. This is similar to what Progressive already does with its auto policies in the United States using a device that monitors a driver’s behaviour.

Offering antivirus software to insurance customers is one way to offer additional customer benefits, and a much better solution than offering coverage of ransomware payments, for instance. By offering cyber security software, insurance companies are moving their focus to prevention rather than cleaning up the aftermath of an attack, which can cause more harm than just the financial coverage an insurance can offer. It’s hard to put a price tag on psychological damage through identity theft, privacy intrusion, or reputational harm caused by cyber attacks. Another way to protect people’s homes, is through security software that can provide monitoring and threat detection across connected devices and networks.

“The average person has no idea if there is any suspicious activity going on with their network,” said Visesh Gosrani, who is the chair of the Cyber Risk working group at the British Actuarial Institute. “Providing any early warning signals of a network compromise is a good idea, especially as attackers are moving to more targeted and stealthy attacks.”

People and businesses typically come to this point because having these cyber security products serve several purposes:

  • It can provide greater peace of mind. Given the above survey results, this could benefit homeowners and augment their existing liability coverage.
  • As an additional cyber security tool. The network security products can monitor devices – such as your home’s smart TV or office printers – that are typically ignored by many. This could serve as an early warning of a possible breach or data leak, especially as many small businesses (and individuals) don’t normally monitor for these sorts of attacks.
  • As another line of defence. Insurers can add identity protection or cyber insurance to their existing coverage too.

The obvious conclusion to draw therefore is that consumers and businesses are spending more time online to work, play, socialise and learn, across a range of different devices, which creates more attack opportunities for cyber criminals. And all of this has been exacerbated by the pandemic. The genie is out of the bottle, and the situation is not going to get any better on its own. Insurance companies should therefore offer network security and device protection products to reduce cyber threats from happening. After all, it’s in all our interests if the cyber security industry works in partnership with the insurance industry to mitigate these risks.

Written by Nick Viney, senior vice-president & general manager, partner at Avast

Editor's Choice

Editor's Choice consists of the best articles written by third parties and selected by our editors. You can contact us at timothy.adler at