Are insurers adequately balancing cyber risk and opportunity?

Overview

Companies in all industries are increasingly aware of the potential cyber threats to their businesses, as well as associated risk mitigation and cyber security techniques. Headline generating attacks show that cyber threats are becoming more sophisticated and aggressive. In this context, the market for cyber insurance continues to grow. The current US standalone cyber insurance market is estimated at $2.5 -$3.5 billion annually and is expected to grow by another $2 billion over the next three years. 

The cyber market recently has seen an influx of new entrants. This is likely the result of market-wide favorable combined ultimate loss ratios, which has created additional capacity and in turn a softening market. In this soft market environment, we have observed increasing overall limits. Furthermore, sub-limits such as (contingent) business interruption ((C)BI) sub-limits, are increasing or no longer included in contracts.

PwC’s global cyber insurance survey

PwC recently completed a global survey of specialist writers active in the cyber market. Results indicate that, although the cyber market presents a significant opportunity for insurers, they need to be diligent about the significant risks and downside potential to writing this business, including limitations in historical data and uncertainties in accumulation risk. Moreover, it is still unclear whether or not cyber risks are adequately priced given the increasingly systemic and extreme nature of cyber-attacks. The inevitable market-turning event will separate carriers that have sufficient risk management, underwriting processes and capital in place from ones that do not.

Key highlights from the survey

1. The majority of respondents indicated to have claims data from incidents like data breach, ransomware, malware and phishing. The average number of years of available data is approximately seven years.
2. Because of its potentially systemic impact, cyber related business interruption/contingent business interruption is the scenario that most worries companies 
3. The majority of respondents to our survey reported that they are writing business at combined ratios lower than 80% for the most recent annual period, highlighting the current profitability of these books.
4. Companies are actively using reinsurance to manage the growth of their cyber exposures, with over 75% of companies transferring risk to reinsurers. No respondents indicated using non-proportional reinsurance at the time of the survey.