The global cyber and errors & omissions (E&O) insurance market has transitioned into a buyer-friendly environment in early 2023, following a period of substantial rate increases, suggests professional services firm Aon.
This shift is attributed to several market factors that have contributed to a more favourable rate landscape for businesses worldwide.
The introduction of new and returning markets has brought fresh capital and increased competition, leading to a deceleration in premium rates. Furthermore, the decline in both the frequency and severity of losses can be attributed to businesses’ efforts in strengthening their security risk controls and enhancing their risk profiles.
Another significant factor is the redirection to more sustainable pricing levels after potential overcompensation for ransomware losses experienced in 2021 and 2022.
Underwriters, now operating at a deeper, technology-driven, and sophisticated level, are closely monitoring global events that could impact cyber claims. Economic changes, geopolitical shifts, and widespread systemic cyber events are among the factors that may impede continued rate reductions.
Aon anticipates that the market will continue to soften due to substantial new capacity and improved loss ratios. This influx of new capital has resulted in a higher global premium pool, particularly in the excess markets, making premium rates for 2023 more competitive than the previous 24 months.
While the market conditions across regions exhibit similarities, it is essential to acknowledge existing differences. Capacity, loss trends, pricing, and coverage vary across the globe. War exclusions, infrastructure exclusions, and the treatment of “widespread events” have become focal points in the terms and conditions of cyber insurance policies.
Updated war exclusions have been introduced but lack consistency in the global cyber insurance marketplace. Infrastructure exclusion updates, specifically in the digital environment, necessitate careful analysis and discussions between brokers and insureds.
Limiting coverage for widespread events or outages aims to solidify the future of cyber insurance but may undermine its value proposition for businesses relying on third-party providers for technology and security outsourcing.
While the underwriting process remains rigorous, it has become more accessible for businesses that are well-prepared to share their security narratives. Building the right team and investing resources across the organization can lead to improved coverage results at renewal.
Taking advantage of the market improvements, businesses are encouraged to initiate the renewal placement process early and foster relationships with insurers. Companies have become more proactive, collaborating internally to devise robust strategies for contractual risk management, information security, privacy, and operational continuity. Early engagement empowers risk managers to maintain control and navigate potential challenges during the renewal process.
David Molony, Head of Aon’s Cyber Solutions for EMEA, acknowledges the significant shift in market dynamics, stating, “Where businesses were constrained by availability in 2021 and into 2022, it is now vastly different. Instead, buyers should now be looking at mitigating their exposure — taking advantage of the market at the expense of sacrificing coverage to help save short-term premium dollars.”
North America’s cyber insurance market experiences growing capacity, declining loss frequency, and decelerating rate increases in 2023, while buyers should pay attention to changing war exclusions and other coverage considerations, such as privacy concerns and emerging exclusions related to biometric information, pixel tracking, and Video Privacy Protection Act (VPPA) exposures.
In the UK/EMEA region, insurers are focused on expanding their cyber portfolios, while loss ratios have improved but ransomware activity has increased in Q1 2023. Market competition and a favourable rate environment are expected to benefit businesses in terms of pricing, while underwriters remain cautious about potential cyber disruptions stemming from the conflict in Ukraine.
In the APAC region, capacity is expanding, with local and global markets targeting growth, while loss trends show a decline in incident frequency but continued focus on ransomware exposures and data breaches. Pricing has seen a deceleration in rate increases, with potential rate reductions on excess layers during renewals. Coverage considerations emphasise a detailed focus on security for improved coverage, with updates to war exclusions and a trend towards broader coverages available prior to 2020.
In LATAM, capacity remains stable with potential for expansion, while major cyber attacks, primarily ransomware, have impacted various industries. Pricing has stabilised, and underwriters are focusing on attachment points, cyber extortion sublimits, and coinsurance. Coverage enhancements have been limited, with a focus on clarity rather than expanding coverage.