Reinsurance News

“Little evidence” that reinsurance will respond to silent cyber events: GC’s Siobhan O’Brien

20th June 2019 - Author: Matt Sheehan

There continues to be “little evidence” that reinsurance programs will respond as planned to a silent cyber event, despite recent regulatory efforts that have aimed to quantify exposure.

Cyber risk insurance and reinsuranceThis is according to Siobhan O’Brien, Head of the Cyber Center of Excellence for International and Global Specialties at Guy Carpenter, who outlined in a recent article on Brink News how silent cyber still poses a “dynamic challenge” for the global insurance and reinsurance industries.

O’Brien noted that regulators have begun to formalise capital requirements, as well as quantitative and qualitative measurements of risk appetite, in response to the “catastrophic potential” of silent cyber events.

This potential was highlighted last year by attacks like WannaCry and NotPetya, the systemic damages of which have shifted the conversation away from data breaches, notification costs and third-party liability to first-party liability and business interruption.

In the UK, the Prudential Regulation Authority (PRA) has taken steps to enforce better silent cyber management, O’Brien said, following a 2015-16 study that found deficiencies in insurers’ cyber strategies, risk appetites, and methods for quantifying exposures.

It also uncovered a level of uncertainty regarding the response of reinsurance programs, a limited ability for risk managers to challenge business strategies, and a lack of movement in pricing, she added.

The PRA recently issued its findings to industry CEOs, in particular stressing the high risk of silent cyber in casualty, financial, motor and A&H lines, although views of silent exposure within property, marine, aviation and transport and miscellaneous lines varied.

In addition to uncertainty about the response of reinsurance programs, the PRA pointed to a significant divergence in modelled losses among companies.

The regulator did, however, identify a widening of affirmative cyber coverage for business interruption, contingent business interruption, and reputational damage.

“This underlines the inherent uncertainty in available cyber models and the lack of reliable claims data,” O’Brien wrote via Brink News.

“The heightened need for formalized risk appetites and board-agreed cyber strategies increases the importance of developing bespoke scenarios for particular portfolios,” she explained.

“But there has been limited progress on modeling non-affirmative cyber risk, despite industry recognition of the need to continuously develop its cyber knowledge.”

Print Friendly, PDF & Email

Recent Reinsurance News

Getting your daily reinsurance news from Reinsurance News is a simple way to receive only the reinsurance industry news that matters, delivered directly to your email inbox.

  • Only email is mandatory, but the more you tell us about yourself the better we can serve you in future!
  • This field is for validation purposes and should be left unchanged.

By submitting the form you are giving your consent to be emailed by us.

Read previous post:
Etienne Bouas-Laurent to succeed Gérald Harlin as AXA CFO

Global re/insurer AXA has announced that Etienne Bouas-Laurent will become its new Group Chief Financial Officer (CFO), taking over from...