Companies in all industries are increasingly aware of the potential cyber threats to their businesses, as well as associated risk mitigation and cyber security techniques. Headline generating attacks show that cyber threats are becoming more sophisticated and aggressive. In this context, the market for cyber insurance continues to grow. The current US standalone cyber insurance market is estimated at $2.5 -$3.5 billion annually and is expected to grow by another $2 billion over the next three years.
The cyber market recently has seen an influx of new entrants. This is likely the result of market-wide favorable combined ultimate loss ratios, which has created additional capacity and in turn a softening market. In this soft market environment, we have observed increasing overall limits. Furthermore, sub-limits such as (contingent) business interruption ((C)BI) sub-limits, are increasing or no longer included in contracts.
PwC recently completed a global survey of specialist writers active in the cyber market. Results indicate that, although the cyber market presents a significant opportunity for insurers, they need to be diligent about the significant risks and downside potential to writing this business, including limitations in historical data and uncertainties in accumulation risk. Moreover, it is still unclear whether or not cyber risks are adequately priced given the increasingly systemic and extreme nature of cyber-attacks. The inevitable market-turning event will separate carriers that have sufficient risk management, underwriting processes and capital in place from ones that do not.