Lloyd’s Chief Executive Officer (CEO) Inga Beale, told delegates at the Organisation for Economic Cooperation and Development (OECD) conference in Paris recently that the cyber insurance and reinsurance market remains “frustratingly immature” and highlighted partnerships as the best way to tackle the risk.
“In 2016, the stand-alone cyber market reached an estimated $3.5 billion in written premiums…many analysts suggest that this figure will double over the next two years, largely driven by EU regulation on Data Protection,” Beale said.
Despite these outstanding forecasts for growth and the global necessity for firms and individuals to up the ante in mitigation and protection against cyber risk, Beale highlighted that in the last two decades, the cyber insurance market has failed to live up to expectations.
“Evidence of the market’s immaturity can be seen in the relatively low take up of cyber insurance. Whereas many businesses have property insurance, only about 20-35% have specific cyber insurance in the US and Europe.”
This reflects the fact that the re/insurance industry is still coming to terms with the systemic nature of cyber risk, the lack of historical data on the risk, as well as how to provide cover for a risk that is innovating and growing faster than re/insurers appear able to keep up with.
Furthermore, some scepticism remains within the industry, as to whether or not cyber is a risk that can be covered by re/insurers.
Speaking at the 2017 annual reinsurance conference in Monte-Carlo, Swiss Re CEO Christian Mumenthaler, said; “the more you talk to specialists the more you come to the conclusion that it’s more likely that’s probably not insurable.”
Beale highlighted how premiums remain high compared to other classes of insurance; in some cases cyber insurance is up to six times more expensive than property insurance.
In addition, certain policies still don’t cover important losses – like loss of value of intellectual property, and some buyers may be confused over the types of cover available, said Beale.
Mumenthaler has previously called for governments to step up and support the industry on cyber risks, a class of business where the reinsurer wants to be “underweight.”
The Swiss Re CEO likened cyber risks to terrorism, saying that a government supported backstop is required as has been seen with terror risks, “otherwise the public market cannot really develop fully.”
Beale said on the underwriting side, the challenges in detecting and pricing the risk, combined with the potential for large losses is forcing some insurers to tread carefully. Meanwhile, the fast changing cyber risk landscape puts pressure on underwriters to ensure they have products that cover new threats.
Concurring with Mumenthaler’s stance on cyber risk, Beale said; “The onus is not just on insurers to take action. Governments and public bodies such as the OECD can play an important role too, especially around data. Customers are looking for evidence that insurers will pay out on cyber claims before they purchase. More information on the frequency and impact of cyber-attacks and losses would help inform underwriting.
“The market will only realise this opportunity said Beale if it invests for the future and all parties work together to “build better cyber resilience”.
Major ransomware and cyber attacks shook the globe last year, awakening firms and individuals to the higher stakes at risk from cybercrime.
Ransomware attack Bad Rabbit, infected systems across Russia and Ukraine and spread across the globe – as firms were still recovering from the billions lost to the WannaCry and Petya cyber attacks.
However, a recent PCS report said that despite the challenges of covering cybercrime the industry has shown significant progress with policy limits currently five times larger than those of just 4-5 years ago.