It looks to be an interesting year in the world of cyber-crime risk management. And when we say “interesting” we mean ever-increasing activity and escalating losses. Here’s an example of what we’re facing.
Early in the morning on March 19, 2019, Norsk Hydro, a global aluminum auto parts supplier, became the victim of a ransomware cyber-attack. The malware encrypted their files and brought operations to a halt in multiple locations. The attack forced Hydro to stop normal operations and switch the affected areas to manual operation.
The cyber-criminals demanded a ransom to have the computer system unlocked and restored. But Hydro refused and decided the best course of action was to rebuild their network system.
So, the cyber-attack cost them nothing? Hardly. Norsk reports the attack ultimately cost them $52 million and delayed their scheduled April 30 earnings report all the way to June 5, 2019. It also affected many of their downstream customers, including large auto manufacturers, and caused many industries to lose income.
It appears that Norsk Hydro reacted correctly to the event. They had a plan, executed it well, and were mostly back to business as usual within six months. This is in stark contrast to organizations impacted by the NotPetya malware in 2017. That event cost many organizations that were not even the original targets millions of dollars, including the recently announced $870 million in damages suffered by Merck.
Recently, ransomware attacks have been demanding more and more from victims. Initial demands are now as high as $64 million — and cyber criminals are putting escalators into their demands, insisting organizations pay immediately or face increasing ransom costs.
The lack of a “silver bullet” solution
A key problem with cyber-attacks is that, unlike weather disasters such as hurricanes where we have a hundred years of data to draw conclusions from, cyber-crime is still too new to be anywhere near predictable. And it continues to shift gears, often too fast for the world to keep pace. So, no one has yet developed a viable answer.
Great. So, how do you find the right protection and the right insurance?
Finding the right insurance partner
The cyber protection market has been inundated with new entrants over the past few years — some have thrived, while others have not been nearly as successful. Now we are seeing the market beginning to slow.
It is also important to note that not every company is providing the same coverage for the same price, and there is often a significant difference in what they offer in terms of pre- and post-breach services.
Having multiple carriers in this field has served one purpose: keeping the price low because of the additional competition and capacity. This has had an interesting effect on some of the more established carriers that are starting to feel the heat because they’ve had experience paying out on claims. We expect this will ultimately have a direct effect on rates.
This has resulted in a challenging market where often the best price is not the best value. It is important to understand that many carriers offer excellent tools and services, including training, access to breach coaches and first-rate legal teams. And, although those come with a higher price tag, they can be highly effective in keeping the possibility of cyber-damage to a minimum. And that results in a better value for the insurance buyer.
Marsh & McLennan Agency can help
To learn more, visit marshmma.com/offerings/cyber-liability, or contact your Marsh & McLennan Agency representative.