The U.S. energy industry has been scrambling to buy more cyber insurance after the recent cyberattack on Colonial Pipeline, which completely disrupted the U.S. fuel supply across the east coast. However, reports indicate that cyber insurers plan to hike rates following a number of high-profile cyberattacks.
Insurers are currently planning to increase their premiums by 25% to 40% across many fields and industries because of the rising number of claims. Energy companies, for instance, will most definitely face rate increases as the Colonial attack and other recent attacks have exposed vulnerabilities and have resulted in insurers facing significant losses.
Regulators are working with pipeline companies to strengthen protection against attacks, the U.S. Department of Homeland Security said this week. The energy industry's "cyber risk management and mitigation practices are not as advanced" as other major sectors like banking or real estate, raising the risk of successful attacks, Moody's Investors Service said in a May 10 report.
Organizations that have acquired cyber insurance are often able to retain the loss, usually ranging from $500,000 to $10 million – which is dependent on the policy. After that, the insurance usually kicks in to cover ransomware attacks, which cost Colonial $4.4 million for instance – according to a Colonial Executive.