The re/insurance sector is considerably less concerned about silent cyber exposures than it was in 2018, according to an annual global survey by Willis Re, the reinsurance division of broker Willis Towers Watson.
Analysts believe that the fall in silent cyber claims expectations could stem from the absence of wide-scale cyber events in the 12 months prior to the survey.
This contrasts with the previous 2018 survey, when the NotPetya and WannaCry malware attacks were fresh in the industry’s collective memory.
On the other hand, the broker also acknowledged that the change in perception could reflect progress made by insurers in mitigating their silent cyber exposures.
In property, the number of respondents expecting more than one new cyber claim for every 100 non-cyber claims decreased by 26% since 2018 and by 11% since 2017, Willis Re reported.
Notably, other liability as a class is now broadly perceived as more vulnerable to cyber risk than property, as the expectation of new claims has declined, but remains above 2017 levels.
This could be attributed to headline data breach losses that continued to occur in 2018, such as Marriott, which may be perceived to lead to more third-party claims, analysts suggested. Conversely, there were no headline ransomware or malware attacks in 2018, which may be perceived to lead to more first-party claims.
An exception to the overall trend of the survey was at the most extreme end of the spectrum, analysts noted, where the number of respondents that expected one new cyber claim for every new non-cyber claim increased in every line.
On a more general level, commercial account size played a noticeable role, as respondents were more likely to expect more cyber-related claims when accounts were large, and to expect a decline when they were small.
In personal lines, cyber-related claims expectations were seen as lower than all commercial lines other than workers compensation.
Similarly, perceived cyber risk by industry group was also lower across the board, although on a relative basis there was little change, with IT/Utilities/Telecoms still perceived as the most vulnerable group in property and other liability, and the same for Financial Services in D&O and E&O.
“Multiple factors may be at play in these findings,” said Mark Synnott, Global Cyber Practice Leader, Willis Re.
“While it is likely that publicity surrounding cyber loss events has had a good deal of impact on the findings, I expect that insurers’ efforts to manage their non-affirmative cyber exposures, particularly in property lines, are responsible for some of the increased comfort they feel.”
Peter Foster, Chairman, Global FINEX Cyber and Cyber Risk Solutions at Willis Towers Watson, also commented: “The cyber market is evolving with the peril. These findings show that, even as demand for cyber coverage continues to increase, especially in territories like the U.S. and the U.K., insurers and others in our industry are making progress in gaining control over silent-cyber exposures.”
“It will be interesting to see if 2018 marked the high-point of concern,” Foster added, “or if other factors such as future high-profile loss events again change the direction of silent-cyber claims expectations in 2020.”
Willis Re concluding by considering whether 2018 was really spike and the market is now more relaxed about exposure, or whether a new cyber event could rekindle the heightened concern that was evident in previous years.