Growing pains: cyber insurance still young and volatile

By Rebecca Bole on November 30, 2014

cybersecurityframeworkLONDON–Premium rates, wordings and available capacity in the cyber insurance market will continue to fluctuate widely for the foreseeable future, according to experts speaking here at the Institute of Risk Managers cyber risk forum.

Speakers at the November 27 conference cited numerous reasons for the flux, including a lack of claims and event data, a constantly changing threat landscape, a three-four year timelag on claims development and carriers moving capacity in and out of the space.

Nigel Pearson, global head of fidelity at Allianz Global Corporate & Specialty, noted that one reason behind rating inconsistency was the “constantly-moving regulatory and threat landscape.”

“A broker can go into the market with 1 risk and get quotes that are miles apart, because no-one knows what the correct premiums are,” Pearson said.

“This is one of the only markets where you sell a product and you don’t know the major costs until three-four years down the line.  The major problem with cyber is that the goalposts are moving constantly – It’s hard for carriers to keep up with the changes and develop a reasonable rating rationale.”

Andrew Rogoyski, head cyber security services at CGI noted that it took decades for the property insurance market to build sufficiently robust data sets to quantify risks and develop pricing models. In contrast, breach reporting regulations were introduced in the USA within the last decade and therefore loss data is very immature.

Europe is expected to pass legislation next year that will enforce notification standards across the region. The anticipated implementation date for the new laws is 2017. To date, notification of data breaches in the UK and Europe has been sporadic or voluntary, with little incentive to disclose a breach, Rogoyski said.

Rogoyski also noted that the market would have to work through many more claims events in order to settle on standard wordings and definitions.

“The cyber insurance market will take a very long time to stabilize and we don’t know what it will look like once it does,” Rogoyski said.”We would be unwise to put too much faith in something so young.”

Allianz’s Pearson predicted that choice of carriers for cyber insurance will shrink in the near future, noting rumors of US carriers withdrawing from writing cyber insurance for the beleaguered US retail sector. Pearson said that the market will “settle at around 10 carriers”, down from the 30+ carriers offering primary capacity today.

“The market will grow, but there will be casualties along the way,” Pearson said.t

Rebecca Bole is EVP & Editor-in-Chief at Advisen. She has nearly 20 years of experience in the international insurance markets, both as an underwriter and a journalist. Contact Rebecca at rbole@advisen.com.