The increase in cybersecurity incidents in Brazil has led to soaring demand for insurance for risks in that area, according to numbers from the National Confederation of Insurers (CNseg).
According to the association, the segment of cyber risk insurance has generated the most significant volume of business in March 2022 since the creation of that type of cover in 2019. With 13 million Brazilian ($2.7 million) worth of insurance policies sold, the category saw an increase of 23.4% compared to the same month in 2021.
The volume of business generated in the first three months of the year reached 34.5 million Brazilian reais ($7.2 million). According to CNseg, this is a 41.5% increase in relation to the first quarter of 2021. Totaling 113 million Brazilian reais ($23.6 million), the insurance premiums paid for cybersecurity incidents within 12 months from March 2021 to February 2022 are almost 100% higher than the same period between 2020 and 2021.
Cyber risk insurance in Brazil is aimed at corporate users, including SMEs. According to CNseg, that type of insurance covers data hijacking ransom requests seen in ransomware attacks, as well as the investigation required to ascertain what caused the attack and other losses, including lost profits and operating expenses resulting from the interruption of corporate activities.
In addition, the insurance tends to cover potential costs stemming from attempts to recover or repair data in the event of data leaks. Policies also include costs for responding to investigations by regulatory bodies as well as the fines imposed in regulatory processes. Costs relating to legal claims from customers due to data leakage are also covered.
According to separate research from analyst firm IDC, overall security spending is expected to reach nearly $1 billion in Brazil this year, an increase of 10% in relation to 2020. Of that total, spending on security solutions will reach $860 million, the analyst said, with cloud security becoming a key area of focus for Brazilian IT decision-makers.
The research firm predicted that 2022 will see firms dealing with an increasing number of cyberattacks, a trend that has gathered pace since the start of the COVID-19 pandemic. The research added that managed detection and response (MDR) services will continue to gain ground as the demand for skilled professionals intensifies.
According to IDC, from a consumer perspective, Brazilians are concerned about the security of their personal data. The study has found that 67% of those polled stated they already restrict the use of certain applications due to data traffic the devices generate. According to IDC, security incidents have impacted 15% of Brazilians, against 14% of respondents from other countries across the region.