Cyber insurance should complement, not replace, cybersecurity: FERMA

A new Federation of European Risk Management Associations (FERMA) report, produced in partnership with Marsh and Howden, has reinforced the message that cyber insurance should not be seen as a replacement for robust cybersecurity measures, but should rather act as a “complementary tool” to help organisations manage and transfer financial risks associated with cyber incidents.

FERMA’s latest cyber report, Demystifying Cyber Insurance: Today’s Trends & Tomorrow’s Challenges, explores the role of cyber insurance as a cornerstone of comprehensive resilience strategies, targeting key stakeholders across the market, including re/insurers, brokers, risk managers, and corporate insurance buyers.

According to the firm, persistent doubts remain within the risk management community about cyber insurance.

FERMA’s study highlights long-standing concerns among European risk managers, including exclusions, particularly for war and systemic risks, the removal of cyber cover from traditional policies amid fears of broader exclusions, coverage gaps, claims handling issues, and low uptake among companies, especially SMEs.

Philippe Cotelle, the chair of FERMA’s Digital Committee, commented on this, “We believe that these persistent doubts do not fully reflect the current state of the cyber insurance market.

“Although challenges undeniably remain, a lack of awareness and understanding about cyber insurance products contributes to underestimating the value cyber insurance can bring to organisations, ultimately limiting the level of resilience that European businesses could achieve.”

As discussed, FERMA’s report reinforces that cyber insurance should not be viewed as a substitute for strong cybersecurity measures.

Instead, the firm said cyber insurance should serve as a complementary tool to help organisations manage and transfer the financial risks of cyber incidents.

The study also emphasised the need for risk managers to thoroughly assess cyber exposures and review all policies to identify gaps or overlaps.

It called for closer collaboration with brokers, better training across the industry, clearer differentiation between cyber and crime coverage, potentially through blended solutions, and more tailored products that align cyber insurance with cybersecurity measures as complementary tools.

Charlotte Hedemark, President of FERMA, added, “Ultimately, achieving a more stable and resilient economy requires a collaborative approach, with insurers, brokers, and clients working together to address cyber risk comprehensively and sustainably.

“The solution lies in the insurance industry’s ability to listen more closely to client needs and to challenge itself to evolve, offering more relevant, transparent, and value-driven solutions in a rapidly changing risk landscape.”

“With this report, FERMA, Howden and Marsh reiterate their longstanding commitment to constructive engagement with all stakeholders in building a well-functioning and affordable cyber insurance market that supports the overall resilience of the EU economy.”