Specialist insurer Beazley recently hosted a small group meeting with Paul Bantick, Global Head of Cyber and Technology, and Sarah Booth, Head of IR, which focused on cyber insurance.
According to the insurer, cyber requires significant investment in underwriting and data analytics and cyber experts, but will generate attractive returns.
It believes this speciality focus is why it has generated higher ROEs over the sector, in comparison its peers.
Beazley believes ransomware attacks will continue, with the insurer inevitably set to face and pay claims.
This is however, the nature of insurance and shows brokers and clients the value in the product.
Beazley has noted that it’s the company’s job to manage these exposures and diversification, managing the underwriting, whilst also helping clients mitigate their risk and manage the claims process.
The key debate around the stock is whether cyber is an attritional loss type of business or is the real risk a systemic loss.
Bantick explained that the losses to date have all been attritional losses from individual ransomware attacks, and that is what they expect to continue.
They look and model very closely the potential for systemic black swan events, but on close inspection find it hard to envisage such events.
The company gave examples of large cloud/IT service providers, which could be examples of potential systemic risk, but in reality different companies implement the products in different ways.
Bantick noted that they take systemic risks very seriously, and have been thinking about them and modelling them for the past ten years.
They model the black swan events and how they could impact the company and how they can protect their clients such that they are not vulnerable in the first place. They have also got higher premium for lower exposures, which helps to reduce risk. Reinsurance also plays a key role in preparing Beazley for unexpected cyber events.
The larger corporations customise their IT products and add in additional layers of security, while small to medium enterprises would also host the services differently and indeed some corporates would use the services in ways that minimise exposure.
For example, some people use Microsoft just for email etc and would not necessarily face a loss if the system went down, Beazley’s executives said.
As a result of this, Bantick suggested the single most important thing to protect against the potential of systemic losses, as a cyber insurer, was diversification in terms of client size and of industry.