The growth in the cyber insurance market is due more to rate adjustments than increases in the volume or size of contracts, says S&P Global Ratings.
Despite being the fastest-growing sector, Manuel Adam, analyst at the firm, said that the market dynamic reflects a growing number of (re)insurers’ hesitancy to underwrite large cyber risks (and some providers’ reduced risk appetite) due to more frequent and severe cyber attacks, and greater systemic risk.
Adam said that the need to continually re-assess evolving cyber risk exposures is a challenge that will likely mean that dynamic contract conditions will prove an enduring characteristic of the cyber insurance market.
That, in turn, heightens the need for policy clarity, with precise wording, which will be key to sustainable underwriting of cyber insurance.
He added: “We believe an overly aggressive expansion into the cyber insurance market, without effective risk controls, could be detrimental to insurance companies’ risk exposure, their capital position, and their earnings.”
Cyber insurance premiums topped $9bn in 2021, according to Munich Re. That figure is likely to increase at an average 25% per year to about $22.5bn by 2025, according to S&P Global Ratings.
S&P Global Ratings said that growth might seem to be a sign of a burgeoning cyber insurance market, but rising rates accounts for much of the increase in total premiums over the past two years, rather than an increase in the number or size of insurance contracts.
Improvements in risk modeling will be necessary if further growth is to reflect increased market capacity, driven by (re)insurer’s greater risk appetite, rather than still higher rates underpinned by a supply-demand mismatch due a reluctance to take on new risk.
Clear policies, with precise wording, are key to the sustainable development of the cyber insurance market, as highlighted by concerns about the contractual treatment of cyber warfare in the wake of the Russia-Ukraine conflict.
A disciplined and targeted expansion into cyber insurance that meets policyholders’ needs could support issuers’ creditworthiness, enhance their reputations, and leave successful (re)insurers better prepared for the next growth opportunity.
The significant increase in premiums over the past two years (see chart) stems partly from an increasingly cautious approach to underwriting cyber risks by insurers eager to protect margins and remain within their risk limits. It has also led to complaints that cyber insurance has become unaffordable, especially for small and midsize enterprises. That, in turn, has led some companies and government entities to eschew, or drop, cyber coverage–a course of action that offers upfront cost savings, but which we believe could also make recovery from a cyber-attack more difficult, and thus potentially have implications on issuer credit profiles.