Tag: Digital Transformation

Digital Transformations: 5 Emerging Trends in the Intelligent Process Automation Market

August 4, 2022

The pandemic’s effects on the digital landscape are long-lasting. Businesses are evolving to rely on the intelligent process automation market (IPA) to promote growth and keep up with competitors. Read on to learn more about five growing IPA trends.

In a world becoming increasingly reliant on technology, financial services organizations are digitizing and automating more processes to keep up with the competition. The intelligent process automation market, growing by about 20% across all fields, is now becoming ubiquitous.

IPA is defined as automation in business processes that use a combination of next-generation automation technologies — such as robotic process automation (RPA) and cognitive or artificial intelligence (AI)-based automation, including intelligent document processing and conversational AI. Solution providers are offering solutions across RPA, Intelligent Document Processing (IDP), and workflow/orchestration, as well as crafting innovative solutions such as digital Centers of Excellence (CoE) and investing more in as-a-Service offerings.

In our recent Intelligent Process Automation (IPA) – Solution Provider Landscape with PEAK Matrix® Assessment 2022 report, our analysts ranked IPA technology vendors and looked at the market for IPA solutions. Based on the research, the growth of IPA technology and reliance will expand to around 25% over the next three years.

Five intelligent process automation market trends enterprises should know

The question of how to become faster, more efficient, and more resilient is the focus for just about any organization undergoing digital transformation. Very often, the answer to this question is at least, in part, intelligent process automation. In the near future, we can see five emerging IPA trends:

  1. IPA will get smarter

A greater proportion of cognitive elements is finding its way into the intelligent process automation market. About 60% of new automation projects involve more advanced cognitive tools such as IDP, conversational AI and anomaly detection. As the maturity of AI-based solutions increases, cognitive automation will be in greater demand. All-round adoption of IPA will be fueled by providers entering new geographies and organizations starting IA initiatives.

  1. IPA will be more scalable

Although many organizations are trying to adopt intelligent process automation, the real question is if it can be scaled up or, in other words, if it can be brought across the organization. To help enterprises scale automation, solution providers are investing in expanding their partner ecosystem, strengthening technology capabilities, and enhancing their services portfolio.

Providers are also expected to help enterprises scale up through more effective change management and CoE set-up strategies. Aided by the prevalence of process intelligence solutions to form robust pipelines and orchestration tools to facilitate holistic automation, enterprises are better equipped now to move away from siloed applications of IA to scaled-up automation implementations.

  1. Citizen development will grow

Many organizations are experimenting with what they can do with citizen development, especially with the current talent shortage. Citizen-led development also holds the power to disrupt the current state of building automation and addresses the issue of talent availability. Solution providers are expected to invest in citizen development and low-code/no-code technologies enabling business users to build automation, consequently also addressing the talent shortage in the market.

Solution and technology providers are also expected to invest substantially in developing the low-code/no-code capabilities of their platforms to enable business users with limited technical exposure to build automation solutions on their own. A few solution providers are implementing citizen development programs in their own organizations and are planning to leverage the learnings to develop effective governance programs for enterprises.

  1. IPA service providers will bring IPA solutions packages to the market

Packaged solutions are gaining traction in the IPA market due to their ease of implementation and quick Return on Investment (RoI). Solutions for F&A are the most prevalent in the market. These solutions will need training on particular data sets to make them functional for a particular process, but they will speed up implementation. Providers are expected to take conscious steps toward promoting sustainable AI by developing solutions complying with environmental, social, and governance (ESG) parameters. They are also investing in AI solutions that are transparent about their working and usage of data.

  1. IPA service providers will pre-build connectors to legacy and other systems

There are a host of technologies, including RPA, conversational AI, process mining, and process orchestration in the IA ecosystem. Very often these IA solutions need to talk to the various other systems. Many IPA service providers are driving innovation and crafting new solutions to keep pace with the fast-moving IPA market and create a more holistic integration process. One such method is offering enabling capabilities like pre-built connectors for a faster and less complex implementation.

If you would like to learn more or discuss the intelligent process automation market and IPA trends, reach out to [email protected].

Learn how the healthcare industry is utilizing intelligent automation, digitalization, and telehealth as fundamental driving forces to transform and evolve in the webinar, How Intelligent Document Processing Is Transforming the Healthcare Industry.

10 Steps to Better Evaluating a Cloud Service Agreement | Blog

July 29, 2022

Comprehending a Cloud Service Agreement (CSA) can be difficult. With the increasing clout of hyperscalers, buyers need to fully understand a CSA to effectively negotiate with cloud service providers. Learn how to better evaluate these contracts in this blog.  

With the increased adoption of cloud services, Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure have come to dominate the public cloud space in recent years. The negotiating power of these hyperscalers has significantly increased, changing the dynamics of the CSA.

As the influence of cloud providers grows, customers need to carefully evaluate the proper terms and conditions in the CSA. First, let’s better understand the key terms:

  • Cloud service agreement (CSA) – a service level agreement (SLA) for cloud computing services between the cloud service consumer and cloud service provider
  • Cloud service consumer – an individual or a corporate enterprise end user accessing cloud computing resources and services from the cloud service provider
  • Cloud service provider (CSP) – third-party suppliers of cloud-based platforms, infrastructure, application, or storage services
  • Customer agreement – the relationship between the provider and the customer, including roles, responsibilities, and processes used by the CSP

The contract may be written according to the service delivery model selected, such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS). CSPs can modify their contract terms at any given time.

Based on our observations, many customers have difficulty understanding these contracts. With the growing portfolio of cloud services in every organization, understanding the nuances to better negotiate contracts with service providers is crucial.

Below is a practical reference to safeguard customers’ interests.

Ten Steps to Evaluate a Cloud Service Agreement

  1. Understand the roles and responsibilities properly
  2. Evaluate business-level policies thoroughly
  3. Understand service and deployment model differences
  4. Identify critical performance objectives
  5. Evaluate security and privacy requirements of the environment
  6. Identify service management requirements
  7. Ensure proper backup for service failure management
  8. Understand the disaster recovery plan
  9. Ensure an effective governance process
  10. Evaluate the exit process fully

For a detailed analysis of your contracts, please reach out to [email protected]. To discuss the cloud service agreement, contact Rohan Pant, [email protected], and Vaibhav Jain, [email protected].

Seven Best Practices to Follow During a VDI Implementation | Blog

July 29, 2022

Driven by the increasing numbers of mobile workers during the pandemic, VDI implementation has rapidly grown as a secure solution that provides flexibility and cost savings. While it’s a good fit with today’s steadily growing remote workforce, VDI must be implemented properly to avoid pitfalls. Read on to learn the challenges and benefits of implementing a virtual desktop infrastructure.

Workplace infrastructure is quickly evolving. While Virtual Desktop Infrastructure (VDI) transformation has been in the industry for some time, COVID-19 has spurred its increased use to manage IT consumerization and control costs.

The benefits of implementing a virtual desktop infrastructure for enterprises can be remarkable and include easier accessibility for users, device flexibility, increased security, and lower costs. However, if not implemented correctly, VDI can bring organizational challenges. Many projects fail due to improper design leading to performance issues.

Based on our experiences helping organizations understand and optimize VDI implementation to achieve the right model for their budgets and timelines, we identified the following seven best practices:

  1. Understand end-user requirements – Boot storms can be avoided by being cognizant of such details as the number of VDI users, end-user applications, and the times of day users will log in and access their virtual desktops
  2. Consider end-user location – VDI architecture and resources may vary for users at different locations. Bandwidth and latency also have a big impact on the end-user experience
  3. Choose the ratio of persistent or non-persistent desktops – The virtual desktop type can sometimes be determined by the user type, such as task workers, power users, kiosk workers, etc. Persistent desktops retain a user’s personal settings when they log off, while non-persistent virtual desktops do not
  4. Consider client device options – A desktop virtualization benefit is that nearly any device can have a virtual desktop client. Deciding the best mix of thin client devices, converting old personal computers into thin clients, and having bring your own device (BYOD) clients are key factors in VDI deployment. Maintenance requirements and ownership will differ for each case
  5. Design for high availability – While a problem with one physical desktop affects just a single user, an overall VDI failure has the potential to impact all employees. Design the underlying architecture to be highly available to avoid this
  6. Craft a BYOD policy – VDI lets organizations deliver a desktop experience to many types of endpoints and devices – even those owned by end users. Carefully design and distribute a BYOD policy indicating what users can and cannot do on their personal devices
  7. Factor in security – Do not overlook infrastructure security. All security best practices that apply to physical desktops/laptops also pertain to virtual desktops. Administrators should make sure to extend patch management operations to cover virtual desktops

For a detailed analysis of your VDI implementation, please reach out to [email protected]. To discuss further, contact Vaibhav Jain at [email protected].

Potential Value for Your Company in the Metaverse | Blog

July 18, 2022

A deep interest in the metaverse is emerging. It comes at a time when companies increasingly want to fund value-creation initiatives that enable competing better and engaging clients and employees in new and better ways. To help your company consider how it could benefit from the metaverse, I’ll discuss in this blog what companies are doing today – those that have a first-mover advantage with a presence in the metaverse already, as well as companies currently investigating its potential for creating business value.

Read more in my blog on Forbes

Selecting the Right Low-code Platform: An Enterprise Guide to Investment Decision Making | Blog

July 15, 2022

Enterprise adoption of low-code platforms has been invigorated in recent years by its potential to drive digital transformation. This fast-rising platform solution offers promise to democratize programming with today’s talent shortage and help companies develop applications and enhance functionalities faster. While the opportunities are clear, charting a path to successful adoption is ambiguous. Learn the 4Cs approach used by best-in-class enterprises for selecting and adopting the right-fit low-code platforms in this blog.

As many as 60% of new application development engagements consider low-code platforms, according to Everest Group’s recent market study. Driven by the pandemic, the sudden surge in demand for digital transformation accelerated low-code annual market growth to about 25%. Considering its potential, low code is appropriately being called the “Next Cloud.”

Interest by investors also has accelerated, further driving R&D spend for new product development. Funding activities in 2022 to companies featuring low code in their profiles already amounts to $560 million across 40 rounds.

Platform providers are responding to these elevated expectations with equal fervor by building platforms with deep domain-specific expertise, while others are providing process-specific solutions for enterprises’ customization requirements.

While these markets have resulted in a proliferation of low-code platforms to choose from, it also has led to confusion and inefficiencies for enterprises. As more and more enterprises explore the potential of these platforms, IT leaders are faced with numerous questions and concerns such as:

“How do I select the platform that can address my current and future requirements?”

“Which platform will work best in my specific enterprise IT landscape?”

“How can we optimize the investment in this technology?”

“How do I compare the pricing structures of different low-code platforms?”

“How do we ensure governance and security of the IT estate with these new tech assets?”

Adoption journey and evaluation parameters for low-code platforms

In addition to the high-priority use cases that initiate the adoption, enterprises should consider the platform’s scalability potential, talent availability for support and enhancement, and integration with the broader IT landscape to make the right selection.

Additionally, low-code platforms are intended to address the requirements of the IT function as well as business stakeholders. Considering the drivers, expectations, and requirements of both when making the selection is essential. A collaborative decision-making set-up with the central IT team and key Line-of-Business (LoB) leaders is critical for a successful platform selection. Let’s explore the 4Cs to low code success.

4Cs to low code success

The key steps to ensure successful low-code platform selection and adoption are:

  • Contemplate: Initiate platform adoption by a set of high-priority use cases but plan for scalability at the enterprise level during platform selection
  • Collaborate: Bring together the central IT group to lead the selection and adoption effort and meaningfully involve the LoB stakeholders
  • Compare: Start with business and tech drivers, expectations, and requirements from both IT and business to prioritize and rank platforms and select the best-fit platform
  • Customize: Make small and incremental enhancements post-adoption to broaden the platform’s scope without disrupting daily operations

This approach can provide a roadmap for enterprises with distinct outcomes. We have witnessed enterprises either adopting the best-fit approach resulting in a platform portfolio or leveraging a single platform as a foundation for an enterprise-grade innovation engine.

For instance, the Chief Technology Officer (CTO) of a leading bank in the US invested in establishing a low code Center of Excellence (CoE) that uses different platforms for process automation, IT Service Management (ITSM), and enabling point solutions for business users.

On the other hand, a large US commercial insurer built its entire end-to-end multi-country app on a single low-code platform. This comprehensive, business-critical application managing claims, billing, and collection is accessible by all underwriters and service personnel.

Next, we explore how to best compare platforms based on their offerings and capabilities. The tables below illustrate the top five business and technology-oriented parameters to consider when evaluating platforms, along with their relevance and enterprise expectations.

Technology parameters for low-code platform selection

Factors associated with the platform’s technical robustness are of key importance to IT decision-makers. Integration and UI/UX capabilities are at the top of enterprise’s technology priorities when comparing multiple platforms.

For instance, Appian ships with 150-plus Out-of-the-Box (OOTB) connectors. Appian SAIL, a patented UI architecture, takes declarative UI definitions to generate dynamic, interactive, and multi-platform user experiences. It also makes the applications more secure, easy to change, future-proofed, and native on the latest devices.

Picture1

Business parameters for low-code platform selection

Assessing these parameters is important to understand whether low code can be sustained and scaled long-term and if it addresses the business users’ expectations. Pricing and security constructs are at the top of the list for businesses looking to adopt a low-code platform.

Picture2

Let’s consider Salesforce as a case-in-point. Salesforce has security built into every layer of the platform. The infrastructure layer comes with replication, backup, and disaster recovery planning. Network services have encryption in transit and advanced threat detection. The application services layer implements identity, authentication, and user permissions. In addition, frequent product updates that help it to align its product offering with changing market demands put Salesforce as one of the go-to platforms for all the CRM needs of enterprises.

Low-code platform outlook

The plethora of options makes it difficult for enterprises to zero down their investments on a particular low-code platform. Enterprises must also leverage their network of service partners for guidance in this decision-making process.

Talent availability for implementation and enhancement support is critical to keep in mind during the platform selection. For the same reason, multiple system integrators are now taking the route of inorganic growth to bolster their low-code capabilities.

This is the time to hop on the low-code bandwagon and establish low code as the basis for enterprise digital transformation.

Everest Group’s Low-Code Application Development Platforms PEAK Matrix® Assessment 2022 provides an overview of the top 14 platforms based on vision, strategy, and market impact.

To share your thoughts and discuss our research related to low-code platforms, please reach out to [email protected] and [email protected].

The Next for Low-code Software Development: Voice-driven Development | Blog

June 3, 2022

Using voice to create applications is the next evolution of low-code software development, but it has many challenges to overcome. Voice-based development can make it easier for users with less experience to create code and help fill the talent void. Is voice-driven software development the next pioneer in low code, or is it all talk? Read on to find out.

As low-code development software continues to grow, one way to make it even easier is by using voice to create applications. Voice can become an important interface to engage with low-code platforms in addition to the standard way of users building applications through drag and drop functions.

While professional software development has been talking about voice-based development for at least a decade, it hasn’t taken hold at the rate expected and still has a long way to go. Attempts have been made to create voice-based enterprise workflows using devices such as Alexa. However, these are voice “triggered” and not voice “developed.”

Voice-based software development hasn’t worked in the mainstream. Why would it work in low code?

Low-code development is full of challenges around aligning requirements and outcomes, security, debugging, portability, building complex functionalities, etc. Therefore, adding a voice layer to engage will be an obstacle in low code.

Software development through voice is an exciting area, and firms like Talon, Nuance (Dragon), and Serenade have attempted to incorporate voice-based software development. OpenAI Codex-based CodeVox also has tried to build software using voice as input.

The challenges with voice-driven software development are well documented and include speech recognition, interpretation, Integrated Development Environment (IDE) support, programming language support, formats, and building the actual code.

Moreover, professional developers do not generally like the idea of coding through voice because they believe they think and type faster than they speak. Therefore, non-professional developers and business users – the key targets for low-code software – become good audiences for enhanced value.

Despite the difficulties, voice can add meaningful benefits if done well in low-code applications and can further increase the user pool who are comfortable in building business line or workflow apps to start with.

Few, if any, low-code vendors today are providing voice-based development support because the industry does not have a strong AI-led base platform to incorporate such complex functionality.

As the market matures and low-code demand scales, enterprises and vendors will soon realize they will need to further simplify low-code application development beyond the current drag and drop model. If they don’t, low code will meet the same fate as professional development, where costs are astronomical, timelines are longer, and talent is scarce.

The big issues around the need for more software, lack of talent, rising costs, and poor time to market are not going anywhere and, in fact, will worsen in the future. While low-code platforms are an attempt to address some of these hurdles, the current model is not sustainable. Voice must become an integral part of low-code development for it to succeed.

For more information on the low-code software development market, see Everest Group’s research on Next Normal for Application Development and our assessment of leading vendors offering low-code software development platforms.

What do you think about voice-based low-code software development? Please let me know at [email protected].

You can also learn about emerging technologies in our webinar, Web 3.0 and Metaverse: Implications for Sourcing and Technology Leaders.

 

Europe Embarks on a New Technology Regulation Wave

May 25, 2022

Big changes are coming as Europe moves toward digital empowerment by 2030. Governments are building frameworks for the regulation of emerging technologies to protect consumers and companies while promoting innovation and digital leadership. What impact will the drive toward technology sovereignty have on BigTech providers, buyers, and investors? Read on for the latest in our series on technology sovereignty.  

In our last blog, we explored the emerging and growing focus on technology sovereignty in the United Kingdom and Ireland (UK&I) and European markets. Let’s continue our discussion of this important topic.

The focus on Europe’s data sovereignty is back in the spotlight as a result of new European Union (EU) rules to limit big online platforms’ market power. The risk of global cyber-attacks by Russia as retaliation against Ukraine also has made this an issue to watch.

Europe’s latest moves for technology regulation are not in isolation. Representatives from business, politics, and science from Europe and around the globe have already been working together since 2019 to create a federated and secure data infrastructure through the GAIA-X initiative.

With data security, privacy, and technology sovereignty becoming key issues for the region, Europe is setting up new regulatory frameworks to protect consumers and companies, while trying to ensure a competitive market and encouraging innovation.

What does the Digital Markets Act (DMA) entail?

Under consideration by the European Commission, the DMA intends to ensure a higher degree of competition in the European Digital Markets, by preventing large companies from abusing their power and by allowing new players to enter the market.

Beyond the hyperbole that surrounds any technology regulation, the DMA provisions include:

  • New regulations on BigTech companies providing “core platform services” that are most prone to unfair business practices, such as social networks or search engines. These companies that have a market capitalization of at least €75 billion or annual revenue of €7.5 billion are considered gatekeepers
  • To be designated as gatekeepers, these companies must provide services such as browsers, messengers, or social media, which have at least 45 million monthly end users in the EU and 10,000 annual business users
  • Sizable messaging services (such as WhatsApp, Facebook Messenger, or iMessage) will have to open up and interoperate with smaller messaging platforms, if users ask, promoting more choice
  • Combining personal data for targeted advertising will only be allowed with explicit user consent from the gatekeeper. Similar to instant messaging, allowing users to freely choose their browser, virtual assistants, or search engines will be required
  • If a gatekeeper does not comply with the rules, they can receive fines of up to 10% of total worldwide turnover in the preceding financial year and 20% for repeated infringements. Companies who systematically violate the regulations could be banned from acquiring other companies for a certain period

In addition to DMA, the EU reached a consensus on the Digital Services Act (DSA) in April, which focuses on setting up a standard for the accountability of online platforms regarding illegal and harmful content. If voted into law, the DSA will apply across the EU within fifteen months or from January 1, 2024, whichever is later. Meanwhile, the DMA likely will go into effect next summer.

The battle for sovereignty and security is just getting started

While these acts are significant steps in Europe’s focus on curbing the perceived monopolistic power of BigTech, they are part of larger movements such as:

  • A growing global reckoning exists around BigTech companies that control multiple industries, such as enterprise cloud computing, consumer-oriented economies, and media and advertising, to name a few. Complicating this further is the way their roles (especially social platforms such as Meta, Twitter, etc.) are evolving into digital town squares, and the subsequent impact on democracy, free speech, and bullying
  • Most BigTech companies originated in North America but are now global businesses. There’s a degree of circumspection in how Europe views this shift in innovation and control and reining it in. These acts are a natural successor to Europe’s previous foray into data protection through the General Data Protection Regulation (GDPR), which came into force in 2018. It subsequently inspired other acts globally, including the California Consumer Privacy Act (CCPA)
  • The region’s increasingly fragile geopolitics is creating new implications for cyberwarfare and rogue state actors, fueling the desire to shore up digital resilience. We can also expect this to have a knock-on effect on other regions (the US is considering similar steps and Australia took measures to regulate the relationship between BigTech and traditional media, to name a few)

We expect this conversation on the regulation of emerging technologies to evolve and shape the future of technology spending and strategies in the region.

Implications of technology regulation for the European ecosystem

Owing to these triggers and the broader conversation around technology regulation, sovereignty, and BigTech reach, we expect the following three implications for buyers, providers, and investors in the European technology space:

  • Buyers should include sovereignty requirements in sourcing decisions: We are starting to see enterprise buyers of technology and services embed sovereignty of the tooling and service providers they choose in RFPs. Expect this to continue and become a hygiene factor for technology providers to showcase in the sourcing process
  • Establish regional market partnerships: BigTech companies are smart and understand they can’t be upstaged overnight. They are already establishing partnerships and tweaking their business model to ensure compliance with the evolving European regulatory environment. Look for more partnerships with specific players in the region to play by these rules (for instance, Google Cloud and T-Systems partnering on cloud sovereignty in the region). IT service providers will also train more people on BigTech technologies as a result
  • Look beyond sovereignty-washing: As with any big shift and trend, new and existing competitors to BigTech will latch on to this market theme. We foresee more press releases announcing the amped up focus on sovereignty. Investors, buyers, and partners should look beyond this marketing hype and truly understand how these firms are solving these issues. For instance, are they embedding sovereignty at the application or data layer? Where does the data reside, and who owns it? Answering these questions can help buyers spot the real innovators

We anticipate a floodgate of activities as we approach implementation timelines in the next 12-18 months. This will create a one-time discontinuity in the market and result in additional spending on compliance. However, market participants will be wise to consider the long-term impact of technology regulation in Europe on their strategies.

To discuss further, please reach out to [email protected] or contact us.

You can also tune in to our webinar, Discover 5 Ways to Transform Your Workforce and Location Strategy Amid Global Uncertainties, for key insights and strategies that global talent leaders can use to readjust their workforce strategies.

Managing Technical Debt From Legacy Systems Not Moving To Cloud

May 24, 2022

In recent blogs about the legacy technical dilemma and strategic decisions in managing legacy IT, I advised that companies need to reconcile themselves to the fact that they will continue to have significant legacy estates that will take a long time to move to the cloud and, therefore, will have legacy technical debt for the foreseeable future. It is not unusual for companies to have layers of efficiency-focused legacy technology 30 or more years old. That debt will continue to accumulate because companies need to invest in updating those systems to avoid significant business risks. The question is what to do about this technical debt.

Read more in my blog on Forbes

Cyber Insurance Market: Carriers Navigating through a Changing Risk Landscape

May 19, 2022

With increased cyber attacks and data breaches post-pandemic, cyber insurance to protect against the rising digital threats is growing in demand. Cyber insurers can benefit by partnering with service providers to seize opportunities for growth and profitability in this fast-growing market. Read on to learn how.     

Cybersecurity continues to be a top priority for enterprises across all industries, primarily driven by increased cyber attacks and data breaches in the wake of COVID-19. Enterprises are increasingly strengthening firm-wide cyber defenses and turning to cyber insurance as a mitigating measure to counter the rising threats in today’s increasingly digitized world.

In particular, the pandemic has accelerated the severity, frequency, and complexity of ransomware attacks. Data from the US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) suggests the total value of suspicious activity reported in ransomware-related incidents during the first six months of 2021 was US$590 million, more than the US$416 million reported for all of 2020. The frequency has also gone up, with 658 ransomware-related suspicious incidents being reported during the first six months of 2021, representing a 30% increase from the total reports filed for 2020.

Costs associated with cyber attacks also are rising. According to the IBM Cost of a Data Breach Report, the average data breach costs rose from US$3.86 million to US$4.24 million in 2021.

All of these factors have led to a substantial increase in cyber insurance pricing across the world. An analysis by Marsh shows US cyber insurance pricing increased 96% year-over-year during the third quarter of 2021, which also represented a 40 percentage point increase from the second quarter of the year.

1 1

Image 1: US insurance market pricing change – overall commercial vs cyber insurance segments

US cyber insurance market provides significant growth opportunities

Direct premiums for US-domiciled insurers stood at US$2.75 billion in 2020 – less than 1% of the overall direct written premium in the US property and casualty (P&C) insurance market – reflecting the runaway growth in cyber insurance. This segment has also grown at a decent pace over the last five years, registering a compound annual growth rate (CAGR) of 13.3% during that period.

Standalone cyber insurance policies are gaining prominence and have seen faster adoption than packaged policies sold as add-ons to other insurance products/policies. This can be attributed to enterprises’ need for broader coverage and a better understanding of policy terms and costs.

While most carriers have mainly serviced corporate clients, they are now starting to focus on the retail segment by providing standalone cyber insurance products that have typically been sold as add-ons to homeowners insurance. For example, Chubb recently launched Blink, a new personal cyber protection offering that covers expenses related to identity theft, fraudulent wire transfer, cyberbullying, and ransomware extortion.

Insurers are also offering joint go-to-market (GTM) products to provide comprehensive cyber risk management solutions to enterprises. In 2021, Allianz and Munich Re partnered with Google Cloud to launch a solution for Google Cloud customers that combines the risk-transfer expertise of Allianz and Munich Re with Google’s security capabilities to provide clients tailored coverage.

Advent of insurtechs in the cyber insurance market segment

The insurtech space has recently witnessed increased activity where most newcomers are catering to specific segments like small to medium enterprises. Insurtechs are leveraging their tech capabilities to make the underwriting process more streamlined and automated while incumbents continue to face legacy issues.

However, insurtechs lack the capital resources of their traditional counterparts and hence are forming alliances with traditional insurers to combine their respective capabilities. Some insurtechs are also offering coverage on behalf of incumbents through the Managing General Agent (MGA) model.

  • Cowbell Cyber, a full-stack insurer providing cyber coverage to SMEs, raised US$100 million this March to expand its go-to-market channels and increase investments in data science, underwriting, risk engineering, and claims management
  • At-Bay, a cyber insurtech MGA, announced a partnership in September 2021 with Microsoft to offer data-driven cyber insurance coverage to Microsoft 365 customers

Challenges for insurers in a hardening cyber market

While cyber insurers have experienced significant top-line growth, profitability remains a major concern as payouts have outstripped premium growth. The increased payouts have led to higher loss ratios. The loss ratio for US cyber insurers increased from a 42% average during 2015-19 to 73% by 2020. Insurers are responding by narrowing the cyber coverage scope and limiting cyber capacity. They also are imposing sublimits for ransomware coverage and adding coinsurance requirements to cyber policies.

2

Image 2: Insurers narrowing cyber coverage scope and limiting cyber capacity

How can cyber insurers benefit from BPS partnerships?

Partnering with Business Process Services (BPS) providers can help cyber insurers in the following ways:

Providing underwriting talent: As the adoption of cyber insurance grows, it will also lead to higher volumes for carriers. Service providers can provide support by standardizing parts of the underwriting process to enable carriers to handle increased work volumes. This can include deploying straight-through processing by standardizing the intake process and applying rule-based engines for low-premium policies to free up time for underwriters to focus on larger policies. They can also take over non-core pre- and post-underwriting work and help create scalable Centers of Excellence (CoEs) at profitable locations.

 Enabling technology: As carriers tighten their underwriting requirements with an increased focus on analyzing enterprises’ history of ransomware incidents and cyber breaches, they will heavily rely on third-party tools and public data sources to evaluate the insureds’ level of risk. This provides an opportunity for service providers to work with carriers to provide such tools and applications to help them assess risks associated with a particular firm.

Ensuring compliance: Amid the ever-evolving cyber threat landscape, governments and regulators across the globe are introducing new cybersecurity-focused legislation. The US Congress passed a new cybersecurity law in March mandating critical infrastructure entities to report cybersecurity incidents and ransomware payments to the relevant authority within 72 and 24 hours, respectively. Service providers can support carriers on various compliance-related matters. While some providers have compliance-specific expertise in licensing and filings, others have dedicated teams for compliance review and obligations. Third-party BPS providers can leverage these resources and work with carriers to ensure compliance.

Partnerships critical to the cyber insurance market’s future

As carriers seek growth in the cyber insurance market, they will need to strike the right balance to also achieve profitability. At the same time, service providers will have to keep up with the evolving market and appropriately build their cyber capabilities.

By working together, carriers and service providers can address some of the current market challenges and capitalize on the opportunities in the cyber insurance space to achieve sustainable growth.

For more information, please read our comprehensive assessment of the players in the P&C Insurance BPS segment, Property and Casualty (P&C) Insurance BPS – Service Provider Landscape with PEAK Matrix Assessment 2022.

To discuss opportunities in the cyber insurance market, please reach out to Somya Bhadola at [email protected] and Dinesh Singh Udawat at [email protected] or contact us.

 

EG with tagline Neg
Linkedin-in Facebook-f Play Instagram
Better Decisions Powered by Tenacious Research    

Contact Us

Who We Are

About Us

Newsroom

Office Locations

Partners & Affiliations

What We Offer

Memberships

Custom Decision Support

Published Research

Careers

Why Everest Group

Explore Openings

Equal Opportunity Employer

Resources

Access Reports

Citation Policy

Everest Group Market Intelligence (EGMI)

Legal

Using the Reports Portal

©2023 Everest Global, Inc.         Privacy Notice          Terms of Use        Do Not Sell My Information

How can we engage?

Please let us know how we can help you on your journey.

Contact Us

"*" indicates required fields

Please review our Privacy Notice and check the box below to consent to the use of Personal Data that you provide.
Consent*