Cybercrime is evolving as quickly as any other way in which technology is influencing the way we live. A dawning realization is how mature and advanced the cybercrime economy is and how less sophisticated the cybersecurity industry is, especially in the area of protecting private individuals.
Cybercrime risks to high net worth (HNW) families is approaching an acute phase where the frequency and severity of cyber-related losses both will increase. We expect this to happen based on three primary drivers:
- The improved defenses of large organizations. Large-scale breaches of corporate servers will still occur; however, the industry committed to combating organizational hacking is advanced, is learning quickly, and is making it more difficult and expensive for the cybercriminals to win. Criminals will shift to easier prey, most notably the weaknesses of individuals and
- The economies of scale from experience and learning. It used to cost $85,000 (in today’s dollars) for every 1 MB of data in 1956. Now it costs just $.00002. Cybercriminals get to use this same benefit in multiple ways and have learned to crowdsource and share technologies and tactics to create an efficient
- The computerization of everything, or IoT. As more and more consumer devices become smart and connected, the potential for interception, disruption, and destruction follows. By 2035, there may be as many 1 trillion connected consumer products in use.
These developments and drivers will undoubtedly affect the landscape and experience for all of us. We expect to see at least three negative consequences emerge:
- The commoditization of vulnerabilities. No longer will the spoils of cybercrime be the data, money, or personal information stolen, but the vulnerabilities themselves that can lead to an attack will be tradable and subject to markets and arbitrage.
- The awareness and exploitation of cybersecurity immaturity among individuals and families. When what we haven’t been able to keep up on becomes more easily and profitably exploitable, it will be. We believe there is unlimited potential to increase the awareness and adoption of cybersecurity. The problem that arises is the gap between what the bad guys already have and what the good guys need to do.
- Expansion of the loss consequences. It used to be that credit card numbers and personal information were the most severe losses stemming from a cyberattack. Now cybercrimes resulting in bodily harm, tangible-asset destruction, emotional distress, stalking, and bullying are all becoming real.
While the personal insurance industry emerging into its first- generation response to cybercrime, we’ve seen the release of newly-created insurance coverages to help families address some of cybercrime’s losses. The insurance industry’s response will evolve not only because of the continued evolution of cybercrime but also our industry’s first experiences when providing solutions for it.
To download the full report, contact Erika Close.