A new report calls upon the United Kingdom government and cyber insurance marketplace to band together to form a catastrophe reinsurance fund to better combat cyber risk, especially on property damage, third-party liability, and business interruption.
Taking the economy’s reliance on information and communications technology as a given, a new report notes that our cyber world, while vital, is also vulnerable. That vulnerability has been met with improved cybersecurity practices available from a wide range of security firms, as well as a rapidly growing cyber insurance marketplace. However, for the insurance industry to fully address cyber risk, the report, developed by Long Finance and Z/Yen Group and sponsored by APM Group, asserted that a public-private partnership in the form of a catastrophe reinsurance pool would help.
“Cyber risk has the potential to be the biggest, most systemic risk I have encountered in my insurance career. It is big because the information and telecommunications revolution of the past half-century means that computers are now used for practically everything,” said Stephen Catlin, executive deputy chairman of XL Catlin. “It is systemic because the very nature of telecommunications means everything is now connected with everything else. As we move to the fabled ‘Internet of Things’ – i.e. everyday objects sending, receiving, and processing data autonomously – the systemic risk grows exponentially.”
The cyber insurance market in the UK has taken off less dramatically than in the United States, owing to less focus on privacy concerns for consumers and fewer mandates for notification of data breaches. European businesses tend to be far more interested in cyber coverage for physical damage, business interruption, and other potentially more damaging risks.
Citing gaps in coverage and fears of risk aggregation, the report suggests that the UK market for coverage would expand with the assurance provided by a more robust reinsurance mechanism.
“Stiff regulatory capital requirements impede, correctly, insurers taking on too much exposure in the event such aggregation overwhelms them, but stiff capital requirements in the event of a cyber-catastrophe impede the ability of insurers to write ‘normal’ property damage, business interruption, and third party liability cover that includes cyber,” commented Long Finance in the report.
However, the insurance industry itself has not been clamoring for a cyber-catastrophe reinsurance pool. The cyber reinsurance market has begun to expand in recent years, and primary insurers covering cyber risks have been careful to offer limited capacity in many cases. With the pool of cyber data continuing to grow every day, improving underwriting and prices represent the main focus. And rating agencies have determined that today’s cyber insurance marketplace does not face any danger of risk aggregation.
The Long Finance report indicates that the market may need the jumpstart that added governmental financing could provide.
“In the face of rapidly growing cyber-risk, the tools of insurance, i.e. risk management and shared learning, need to be rapidly grown and deployed. To increase the rate of learning, society needs to increase the rate of cyber cover. If society wishes to bring insurance to bear on helping to manage cyber-risk, then cyber-catastrophe reinsurance needs to be available for property damage, business interruption, and third party liabilities in order to remove blockages to rapid take-up of cyber insurance by businesses,” said the authors.
Erin is the managing editor of Advisen’s Front Page News. She has been covering property-casualty insurance since 2000. Previously, Erin served as editor-in-chief of The Standard, New England’s Insurance Weekly. Erin is based in Boston, Mass. Contact Erin at [email protected].
