Profitability less certain in US cyber insurance market as new risks emerge

Monday, 10 August 2020

Direct premiums written in the US cyber insurance market grew by 11% year over year in 2019 to USD 2.25 billion; however, according to a new report from ICMIF Supporting Member AM Best, the rate of growth slowed from the previous year, marking the fourth year in a row of this trend.

In the recent Best's Market Segment Report, Cyber Insurance: Profitability Less Certain as New Risks Emerge, AM Best notes that growth has slowed significantly from 2016-2017 when direct premiums written grew by more than 30% annually, as the cyber threat landscape has expanded and the awareness of the risks has increased.

According to the report, protracted litigation has demonstrated that cyber-attacks can have a longer tail than expected, underscoring the importance of managing so-called silent cyber. Additionally, the frequency and severity of ransomware attacks have escalated, as have data breaches and kidnaps in the health care industry.

Given the similarities between a pandemic and a cyber-attack, the large-scale global economic and societal disruptions caused by COVID-19 should cause insurers to rethink and enhance their stress testing and focus on greater clarity in their insurance contracts to set transparent expectations for themselves and their clients.

Highlights from this year’s report include:

  • Standalone cyber policy premiums were up by 14% in 2019, notably outpacing the 7% growth in packaged cyber policies and highlighting organisations’ escalating concerns about cyber risk and their strategic choice to purchase policies solely for cyber risk protection;
  • The total number of claims has doubled since 2017 to approximately 18,000 in 2019, which could create a pricing issue if rates cannot keep up with the rising frequency. Moreover, standalone direct paid loss and defence and cost containment rose for a third year in a row, to 32.5% in 2019 from 23.1% in 2018;
  • Chubb INA Group remained the top cyber insurer in 2019, ahead of XL Reinsurance America Group (AXA XL) and American International Group, with USD 356.9 million in cyber direct premiums written, of which nearly all were for packaged policies; and
  • Hartford Insurance Group again held the most cyber policies in force at year-end, with nearly 543,000.

The report notes that AM Best’s market figures likely are understated given lack of standardisation in cyber policies and reporting, as well as a considerable usage of captive and surplus lines insurers to write cyber coverage.

Insurers are making greater efforts to provide clarity and explicitly exclude cyber coverage in non-cyber policies, to diminish or eliminate silent cyber exposures. Clients and businesses are also becoming more sophisticated and want separate cover for cyber, as they do not want other risks (e.g., directors and officers, property) to eat into their aggregate coverage, says the report. AM Best believes that comprehensive risk management practices will help prepare for unexpected shocks when they occur.

In a recent episode of AMBestTV, Fred Eslami, Associate Director, and Sam Hanig, Senior Industry Analyst, both of AM Best, discuss the US cyber insurance market as it continues to expand. They examine the ever-growing threat landscape and potential for heavy losses and conclude that the market’s future appears to be rife with uncertainty.

In the interview Hanig refers to the similarities between a cyberattack and the ongoing pandemic as mentioned in the report saying: “There are a number of striking similarities between the current pandemic and cyber exposure. Both of these risks have no boundaries. They pay no attention to geography. They can both impact supply chains and cause devastating losses for business interruptions.

 “Similarly, both COVID-19 and cyber losses, you can have incurred the harm and not know about it. You can be asymptomatic for COVID, as well as you can have incurred a breach and not be aware about it, unfortunately, until it’s too late or you’ve passed on the condition to somebody else,” Hanig continued.

Hanig concluded: “Insurers need to continue to be mindful, especially at this time of increased exposure with so many employees working from home just to continue to encourage their employees to be cautious, to utilise a VPN. This can help mitigate much of the increased exposure that we’re seeing from the pandemic.”

To access a copy of the Best's Market Segment Report, Cyber Insurance: Profitability Less Certain as New Risks Emerge, please click here.