In a recent video interview with our sister publication Artemis, Tom Johansmeyer, Head of PCS, discussed the subject of cyber risk, current cyber risk trends and how the insurance-linked securities (ILS) market can play a role in provision of reinsurance and retrocession capacity.
During the interview Johansmeyer discussed that ransomware is just one piece of the overall cyber reinsurance market issue, however it is quickly becoming one of the largest ones.
“Interestingly, the T Mobile breach has impeded the ransomware discussion, which gives you a sense of how big ransomware is. It’s ongoing, it’s difficult, it’s messy,” he explained.
Due to the size of the issue, Johansmeyer discussed that without some kind of state level ransomware solution it becomes a lot harder to manage.
He further noted that people within the industry have suggested this type of risk should be put into to a pool, either an existing risk pool such as one for terrorism, or with the development of a new cyber risk pool mechanism.
Discussing putting ransomware into a terror pool, Johansmeyer explained how he believes this wouldn’t be right, since ransomware isn’t terrorism.
“First off, ransomware is not terror. Let’s be really clear here, if I put a gun to your head and say I want to make a point, politically, religiously, or for some social purpose, that is terrorism. I put a gun to your head telling you to give me your wallet, that’s commercial,” he explained.
“So that dynamic is different, that thread is different, so if you put that kind of risk into a terror pool it stands out like a sore thumb, so it doesn’t make sense to me.
Disagreeing with the idea of ransomware meaning the government should step in, he said: “It’s too early to start ceding risks to the taxpayer, without an insurance market effort.
“So, if we had diplomatic engagement that could at least ring-fence certain types of risk, where if ransomware gangs go after a hospital for example, then diplomatic measures on the host country would squeeze it and so forth.
“I think that sort of dynamic might give us some elbow room. Putting it into a pool, doesn’t change the nature of the risk, doesn’t change the nature of the cost to society. I’m not convinced that a pool is the right mechanism.”
But some diplomatic support for insurance and reinsurance industry initiatives can help the market provide a more functional level of protection, while enabling reinsurers to provide important capacity to support primary cyber risk underwriters
“You have a more manageable business risk environment, and it gets easier to write,” Johansmeyer explained.
The full video interview is embedded below and can also be viewed in full, along with previous Artemis Live video interviews, over on our YouTube channel.
You can also listen in audio to our interviews by subscribing to the Artemis Live podcast here.
