Cyber insurance premiums in Australia increased by up to 80% in the second quarter compared to the same period last year, and claims numbers are up by 50%, Marsh says.

The broker’s mid-year update report warns that growing ransomware demands and increased business rectification costs are causing insurers to reassess.

"After a period of sustainable losses and steady growth in premium, the proliferation of the underlying ransomware threat has led to an unsustainable loss portfolio for insurers," the report says.

“The worsening loss ratios have also led to corrective actions from the market, such as limiting capacity and co-insurance requirements, in order to maintain portfolio profitability.

“This trend is evident across all industry sectors in Australia."

Cyber Practice Leader Pacific Kelly Butler told insuranceNEWS.com.au that cyber is “top of most conversations” with clients due to the rapid change in the market.

She says towards the end of last year there was a “reckoning” with insurers forced to respond to the size of claims.

“I think insurers had their heads around the frequency of claims that were coming in - I think the thing that caught them by surprise was the severity of the incidents and the costs associated with them,” she said.

“That was something that they probably didn’t model accurately, and in their minds they had to make a change really quickly.”

It’s the ransom demands that get the headlines, but Ms Butler says rectification costs are just as significant.

“Insurers knew that would be costly, I just don’t think they knew how costly, from IT forensics all the way through to the notification process.”

As a result, the way insurance is purchased has been transformed.

“No longer is it a tick box exercise, it has turned into quite a thorough deep dive into clients’ framework around cyber security.

“There is a lot of scrutiny around the controls the client has. Insurers are really going deep. If you don’t have that basic hygiene going forward, you will not get insurance.”

The report says there is particular focus on ransomware exposures and mitigation controls “such as multifactor authentication, remote desktop protocols, and backups”.

Ms Butler says criticism that suggests cyber insurance encourages ransom demands and payments is misplaced.

“I honestly believe that the insurance product and the expertise that comes with that product puts you in the best possible position not to pay a ransom amount.

“From an insurance policy perspective it’s the client’s decision whether they pay or not, it’s not the insurer’s.

“In my experience insurers will do whatever they can to help clients not pay those demands.”

And she says while it is becoming harder to place cyber risks, it’s still achievable. The report says the number of Australian organisations purchasing cyber insurance grew by 23% in the first half.

“I do think we’re at a turning point. But insurers’ focus is really around those key controls.

“They seem to be confident that if the client is investing in these controls and rolling them out across its business, then they are definitely in a better position not to suffer a ransomware incident.

“While insurance is becoming a lot more expensive it still provides incredible value.

“These policies have now been very much tested. There was a lot of scepticism as to whether they would respond, if they respond adequately, but we can now definitely say they do, and they really help the client at the time of crisis.”

Click here for the full Marsh report.