According to a new report by S&P Global, insurers and reinsurers are exposed to cyber threats, with the potential for a direct attack to impact their operations, potentially costing a significant portion of their average annual earnings.
Re/insurers face various operational cyber risks, including IT system disruptions, outages of third-party IT services, data breaches, defence costs, liability for security events, and ransomware attacks.
S&P highlights that the growing digitalisation of the sector, along with the widespread use of shared networks and services, is increasing insurers’ vulnerability to cyber attacks.
Despite these risks, S&P believes that, on average, global multi-line re/insurers are well-positioned to manage their direct cyber risk exposure. This is due to their advanced risk management systems, strong financial capital, regulatory oversight, and expertise in underwriting cyber insurance.
So far, cyber incidents have had minimal impact on the creditworthiness of global re/insurers. However, S&P warns that this could change rapidly as cyber criminals become more sophisticated. Insurers are prime targets for attacks due to the large amounts of valuable customer data they hold.
S&P concludes that most large re/insurers are likely to withstand the financial impact of direct cyber attacks. Their ability to absorb operational cyber risks is supported by diversified revenue streams and strong capital adequacy, which results from strong and prudential regulation.
