Cyber risk ranked among the significant opportunities the insurance industry can capitalize on over the next five to 10 years — if insurers can strike the right balance on underwriting and pricing, according to a new report from Aon Benfield.
Termed “a headline-grabbing potential risk,” cyber joined reputational risk, terrorism, microinsurance, mortgage credit, and corporate liability in Aon’s evaluation of the marketplace for insurance. Longstanding risks are not driving the “robust” growth needed for the industry, according to the report, and emerging risks may pick up the slack.
“The massively interconnected nature of commerce today has created a network of new emerging risks. Emerging risks are marked by fragility and unexpected consequences that challenge traditional insurance covers. In some cases insurance has even become a bottleneck to further innovation. Risk owners are demanding new solutions for these emerging risks,” commented the firm in the 10th edition of its Insurance Risk Survey. “Emerging risk lines will be the growth engine for insurers over the coming decade, providing coverage against perils like cyber, reputation and brand, social media, corporate liability, and risks related to the sharing economy.”
Using its annual Global Risk Management survey as a guide, Aon noted that for the first time, risk managers have highlighted cyber risk as a Top 10 risk this year – opening the door further for an already expanding cyber insurance market. Aon observed that cyber risk presents significant challenges for insurers, but the “customer need is clear.”
“And if the private market does not provide solutions, it may fall on governments—and taxpayers—to provide a backstop, as has been done for flood risk and for terrorism,” commented Aon, noting that since the U.S. government stepped in with the Terrorism Risk Insurance Act in 2002, terrorism went underinsured by the private market.
“There are reasons to believe that cyber will follow a different course. Cyber risk has the potential for a much more robust data set than terrorism, given the daily occurrence of cyber attacks. Moreover, while terrorist attacks imply a significant concentration of risk, cyber exposures are relatively well distributed. And loss control efforts can reduce the frequency and duration of data breaches,” Aon commented. “This is not to deny the considerable questions and uncertainty that currently surround cyber risk and insurance. Cyber insurance products struggle with clear loss triggers and an objective determination of loss severity. And the main threat to businesses—damage to reputation and brand—is not insured.”
Aon also noted that the real value of cyber insurance is as yet unknown even to buyers, stating, “A survey conducted by Aon and the Ponemon Institute this year found that nearly 40 percent of the surveyed companies assess their cyber risk based on either gut feel or no assessment whatsoever. And the survey shows that on average, companies insure only 12 percent of their estimated cyber PML levels, versus insuring over 50 percent of their property PMLs. Yet 72 percent of companies say that their cyber insurance coverage is sufficient. These numbers suggest a market in which many companies are still grasping for a basic understanding of the risks to which they are exposed. Insurers and brokers have a significant opportunity to help educate companies on the risks they face.”
