Evolving consumer demand and increased regulation and awareness of cyber risk are driving an expected near-term exponential market growth, and reinsurers who have so far cautiously tread into the cyber space through quota share arrangements with insurers are making bolder moves to directly take on the risk, Aon Benfield said in its latest global cyber market overview.
The cyber market – already growing by 30% year on year globally – is being driven by expanding Personally Identifiable Information (PII) programmes, increased awareness and regulation of cyber threat, increased availability of modeling data, and the vast but still nascent potential of the soon-to-boom European and global cyber market.
“The increasing awareness of exposure to cyber incidents and the potential impact onto a company’s business has driven the demand for larger limit programs and broader coverage terms. 2016 saw dramatic changes in capacity for PII cyber programs.
“While two years ago, it was generally understood that the largest PII programs were approximately $300m in total capacity, this increased in 2016 where a number of programs with $500m in aggregate limit were built for financial institutions and FinTech companies.”
The U.S. cyber market is leaps and bounds ahead of the remaining developed markets; Aon Inpoint estimates the U.S. standalone market will grow from $1.5 billion in 2015 to $5.6 billion by 2020.
Factors driving growth in the U.S. are legislation, number of breaches, increased awareness and higher costs of cyber attacks, and these components are spreading into the comparative fledgling European and global markets.
European premium is estimated at $135 million for 2015 for the standalone cyber market (hence not including premium for bundled cover) – with the Global Data Protection Regulation expected to act as a catalyst for further growth, Aon said.
As events like the recent ransomware attack raise the cyber risk profile globally, the nature of cyber cover demand is extending beyond data breach cover to include financial losses and property damage resulting from system failure or cyber incident.
And Aon Benfield noted that more standalone cyber treaties are expected to emerge in the future as modeling data and developing underwriting capabilities become increasingly available.
Michael R. Moran, Chief Executive Officer of Aon Inpoint, commented that firms are “more exposed to potential cyber-attacks and related threats than ever before” as they operate “in a continually evolving digital and technology inter-connected environment.”
“In this context, the insurance industry will play an important role in helping companies manage their exposure to potential cyber perils and new risks through both existing and still-to-be developed solutions.
“It is key for insurers to actively develop a strategy, establish partnerships with cyber security firms and look to knowledgeable experts outside the insurance industry to build a competitive edge. An understanding of these current and emerging risks, clear strategy and rapid positioning are essential for success.”
However, competition is growing along with the booming opportunity; where London players specialising in cyber had once capitalised on an early market advantage, they’re now facing growing competition from domestic carriers who are moving into the market to seek out their share of the opportunity.
A new pedigree of innovative cyber services businesses has emerged, offering risk mitigation to risk transfer and post-incident solutions, Aon Benfield said these had gained an estimated global revenue generated excess of $100 billion in 2015.
So far, the reinsurance market has played an active part in supporting cyber insurers, Aon Benfield said in 2015 globally about $525 million of reinsurance premium was placed with 95% written via quota share programmes, as “insurers have remained cautious about holding too much cyber risk on their balance sheet and have looked for simple reinsurance mechanisms to offload some of the exposure.”
However, the reinsurance market is still in its early stages of development into cyber risk, and as understanding of the risk becomes more sophisticated, reinsurers are expected to start underwriting cyber directly.
Although Aon Benfield said reinsurers remain “conservative about their overall exposure to cyber risks and often require loss occurrence caps for business interruption on quota share treaties,” over “15 reinsurers actively write standalone cyber treaties and the number is increasing. Some of them have been supporting the cyber reinsurance market for over a decade. They have built their book over time and are able to over 20- 30% line participation on quota share treaties. “
