What is "cyber insurance"?

“Preparation for emergencies” has become important January 12, 20:08

The risk of cyberattacks is increasing as the international situation becomes tense, including Russia's military invasion of Ukraine.



The key here is to be “prepared for emergencies”.



“Cyber ​​insurance” is now widely used among Japanese companies.



Since it was just born, we approached the actual situation that is not generally well known yet.



(Cyber ​​​​reporting team Economic Department Daisuke Nogami / America General Bureau Mikio Tanabe)

What is cyber insurance?

At the end of October 2022, a hospital in Osaka was attacked by a cyberattack, causing system failures such as electronic medical records, and temporarily forced the suspension of most medical services.



It took more than two months to return to the normal medical system, and it became a serious situation.

Today, cyberattacks are causing a great deal of damage that seriously impacts the lives of citizens and corporate activities.



“Cyber ​​insurance” is, as the name suggests, insurance against such cyberattacks.



Just like fire insurance, which covers damage to buildings and household goods in the event of a fire, it pays for the costs of being damaged by a cyberattack.



Once a company is attacked by a cyberattack, various responses, such as investigating the cause and compensating for damages to customers, occur, which cost money.



If your business is forced to stop even temporarily due to an attack, it will lead to a decrease in sales due to the suspension of production and sales activities.



As cyberattacks become a familiar threat, this is a new type of insurance born out of the need for IT risks.

It has a shorter history than fire insurance and automobile insurance, and it was around 2015 that it began to spread in Japan.



The increased risk has expanded the market, and is now handled by major non-life insurance companies.



The specific content of compensation is common to major companies.

Cyber ​​insurance Main compensation targets


▽ Cause investigation


▽ System recovery, data restoration


▽ Compensation for damages

In the event of a cyberattack, it is necessary to conduct an investigation to find supporting evidence.



We have to ask a security company to identify the extent of the impact, collect logs, preserve evidence, back up the system and restore data.



On top of that, in some cases, we may have to pay compensation for damages or solatium to the customer in order to settle the situation.



Cyber ​​insurance is a mechanism that compensates a certain amount for these damages.

"Cyber ​​insurance" A case in which insurance money was paid A


certain manufacturer was damaged by a computer virus called "Emotet" and was sent tens of thousands of fraudulent emails to past business partners at a pace of tens of thousands every day. I had the damage that my PC was infected.

Since he was covered by cyber insurance, he said that 35 million yen in damage caused by the damage, including the cost of investigating the cause and extent of damage, and the cost of preventing recurrence, was returned as insurance money.

Demand continues to increase

The number of companies taking out cyber insurance continues to grow.



Of these, Tokio Marine & Nichido, the industry's largest company, has grown at a level of about 1.2 times year-on-year since it started offering cyber insurance in 2015. and the pace of growth is rising.



In addition, Sompo Japan has increased its contracts by 1.5 times from April to June 2022 compared to the same month of the previous year.

Daisuke Kyogaku, chief consultant at Tokio Marine DER, a consulting company that is familiar with cyber insurance trends, analyzes that the increase in the number of subscriptions is connected to the fact that business partners feel threats such as cyber attacks close to them. .

Daisuke Kyogaku, Chief Consultant, Tokio Marine D.R. "


Cyber ​​insurance in Japan is not well known, and the market took off more slowly than in Europe and the United States, but major companies such as automobile-related manufacturers suffered damage from cyber attacks." The number of cases is increasing, and it is expanding with the awareness that ``tomorrow will be my own.'' In particular, the recent trend is that not only large companies but also small and medium-sized companies that make up the supply chain are joining."

In addition, the revision of the Personal Information Protection Law in April 2022 is also affecting the background of the increasing pace of contracts.



This is because, in the event of a personal information leak, it became mandatory to report to the Personal Information Protection Commission and notify the victim, which made it necessary to identify the extent of the damage.



In addition to bearing the cost of investigating the cause, there is a strict requirement to prepare for compensation claims from victims, and more and more companies are taking out cyber insurance in advance.

How much damage is covered?

Actually out of scope

Although the number of cyber insurance policies is increasing year by year, it does not cover all cyber attacks.



For example, a ransom-demanding computer virus called ransomware.



It is one of the cyberattacks that encrypt data stored on the servers of companies and organizations, make it inaccessible, and demand money in exchange for decryption.



However, in the case of the insurance of major companies, if you pay a ransom for damage caused by ransomware, the amount you paid will be "out of coverage" and you will be responsible for it.

"Damage caused by war" is also excluded

War damage is also excluded.



General insurance products such as life insurance and fire insurance do not compensate for physical damage caused by war, which is difficult to estimate the scale of damage.



Cyber ​​insurance also stipulates in the disclaimer of each company that it does not cover "attacks associated with war".



However, as represented by Russia's military invasion of Ukraine, cyber warfare on the Internet is intensifying, and warfare in cyberspace is becoming a real problem.



When it comes to "cyberattacks associated with war", the reality is that we face many problems, such as where to draw the line of war and how to identify it as an act of war by a nation.



In the future, it will be an issue for cyber insurance to see how far the scope of the war stipulated in the disclaimer will extend.



On the other hand, even if the contract is concluded in Japan, there are cases in which damage is covered overseas.



Companies that have their headquarters in Japan and do business overseas can add options to their contracts so that even if there is a loss at an overseas subsidiary, they will be covered in the same way.

“Ransom demands” behind US cyber insurance growth

In the United States, which is exposed to the same threat of cyber attacks as in Japan, cyber insurance has grown significantly over the past few years.

According to the NAIC = National Association of Insurance Commissioners, in 2021, the total amount of cyber insurance premiums paid by customers to insurance companies will reach approximately $6.5 billion, or approximately ¥870 billion* in Japanese yen, compared to the previous year. , increased by about 60%.

(*Converted at 134 yen per dollar).



Behind the growth of cyber insurance is a series of cyber-attacks, especially "ransomware" attacks, which have been increasing in damage in recent years in the United States.



Unlike Japan, the United States also has “ransomware insurance” that specializes in ransomware.



The feature is that if it is temporarily difficult to continue the business due to damage, the ransom paid by the company will be covered in addition to the compensation and data recovery costs.



Since the spread of the new corona, while remote work has become online, the damage of ransomware has increased in small and medium-sized companies that are difficult to spend on security measures.



For this reason, insurance companies have raised insurance premiums in an attempt to deal with payment risks, which has also led to an increase in cyber insurance premiums.

In the United States, the “conditions” for insurance enrollment are becoming stricter

As cyber insurance premiums rise, what is happening in the United States is the tightening of the “conditions” required of customers when purchasing insurance.



If security-related systems, such as authentication methods for logging into internal systems and data backup methods, do not meet the standards required by insurance companies, insurance premiums will increase and, in some cases, you may not be able to enroll in insurance. It is said that there is



As the damage caused by cyberattacks is increasing, insurance companies are trying to reduce the risk of paying insurance claims as much as possible by stating that "only companies that have taken proper security measures can purchase insurance." am.



However, even if it is a large company with employees with specialized knowledge, it is not easy for small and medium-sized enterprises and sole proprietors to meet the increasingly strict requirements for cyber insurance on their own.

Consulting to prevent client companies from being damaged

Focusing on this situation, new services that reduce the risk itself have also started.



From 2021, San Francisco-based insurance company Coalition has started a service that analyzes the current state of customer security measures and provides consulting in addition to cyber insurance.

If a risk is found, we will give advice on how to reduce the risk and proceed with countermeasures.



In addition, in order to respond to the latest ever-changing risks, it monitors the IT equipment of customers connected to the Internet in real time so that countermeasures can be taken before accidents occur.



This reduces the risk of cybercrime for customers and reduces the need to pay compensation to customers.



According to the company, its customers include many small and medium-sized companies, hospitals, and sole proprietors.



A company spokesperson said:

A spokesperson for the insurance company Coalition


said, “Insurance is based on predicting risks, but digital threats such as ransomware and phishing are difficult to predict. We are adopting new approaches to identify and reduce risk.”

Demand for support functions during cyberattacks

The cyber insurance market is expanding as the damage caused by cyber attacks becomes more serious.



Experts point out that while insurance coverage is unlikely to be renewed, there is still room for expansion in areas of support in the event of damage.

“Tokio Marine D.R.” Daisuke Kyogaku Chief Consultant


“If you have to pay so much, the economic reason is that you should buy insurance. It is difficult for companies to differ in terms of insurance coverage, but it is necessary to reduce risks on a daily basis and enhance incident response, such as arranging for security companies when something happens. Companies will not suddenly increase the manpower and money they can spend on security, so it is expected that there will be an increase in products and services that solve problems other than compensation. there is

In the near future, when companies sign contracts, it may become commonplace to ask, "Does your company have cyber insurance?"

Economic Department Reporter


Daisuke Nogami

American General Bureau reporter


Mikio Tanabe