Skip to Content
Home // Insights // Cyber Liability Marketplace Insights Q4 Update

Cyber Liability Marketplace Insights Q4 Update

NEW TRENDS WITH AN EYE TO 2025

  • Ideal risks, i.e. those companies with strong security controls, are seeing competitive pricing and robust coverage in the Canadian cyber insurance market boosted by new insurance company capacity
  • Continued vigilance will be needed in 2025 for specific risks including:
  • aggressive regulators demanding organizations to report “material” cyber incidents;
  • The use and impact of A.I. by both companies and threat actors; and
  • Reliance on technology supply chain.

Recent wide-scale events like CDK and Crowdstrike that hit in Q3 and continued to have impact in Q4, clearly shone the spotlight on the costs of cybersecurity incidents and the importance of constant vigilance and a strong cybersecurity posture. These recent experiences have reenforced just how reliant companies are on 3rd party vendors and their supply chain. In late October Delta Air Lines filed suit against Crowdstrike which followed the company detailing outage costs of $550M in cancelled flights, customer compensation and crew expenses related to Crowdstrike’s alleged faulty software update. The outage lasted approximately five days.

In addition to the continued growth in breaches related to supply chain interconnection (the Verizon DBIR 2024 report cited that 15% of breaches in 2024 have been related to supply chain interconnection influence), Ransomware and business email compromise continue to account for 53% of claims in the five-year period of 2019-2023 according to the recently released NetDiligence Cyber Claims Study 2024 Report.

The takeaways for organizations as of Q4 2024:

  • The cyber insurance market will continue to mature in response to new threats;
  • Organizations need to understand the vulnerabilities of their vendors and supply chain; and
  • Insurance coverage can play a key role in your incident response planning and preparedness.

The age-old expression – It is not a matter of IF but WHEN your organization will suffer from a cybersecurity attack – should no longer be the focus. The focus is about WHO and HOW. Who will you call when your organization has a cyber incident and how will you handle it? Are you fully prepared? Response and access to proper resources, including insurance, will be the key to recovery

Patrick Bourk
Vice President, Cyber & Professional Lines, Navacord

DOWNLOAD THE FULL ARTICLE | CYBER LIABILITY MARKETPLACE INSIGHTS Q4 UPDATES

If you have questions specific to your business, or would like additional information, please reach out to your Iridium Risk Services Advisor.