A fierce spotlight has been thrown on cyber exposures by senior insurance industry leaders concerned about the catastrophe nature of the risk and the hidden aggregation issues posed by so-called silent cyber cover in policies.
Cyber exposures are rapidly being framed as the “new catastrophe risk” by insurance executives, as losses such as the June 27 global ransomware attack, which affected numerous businesses including Merck Pharmaceuticals, and Equifax data breach are rumored to potentially cost the insurance market around $1 billion each.
Advisen spoke to senior insurance executives at the CIAB Insurance Leadership Forum in Colorado Springs this week and most expressed deep concern with the aggregation of losses across multiple insureds and lines of coverage from a single event.
Mike Rice, CEO of JLT’s US Specialty division, expected carriers to take a “hard look” at where cyber cover could appear in their policies.
“No one wants to be silent on cyber at the moment,” Rice said. “It is a very uncomfortable position for both carriers and buyers of insurance.”
Stephen Young, CEO of Global Reinsurance at Sompo, likened cyber to property catastrophe risk, but added, however, “you can put a box around property cat. Aggregation is key in cyber – it is not limited to geographies or lines of business.”
Russ Johnston, CEO of QBE North America, noted, “Most major cat exposures tend to have a season. To the extent you have sophisticated models, the market can expect events and project magnitudes. Cyber does not have a season and can cross multiple lines of business and customer segments.”
Pat Ryan, founder, chairman and CEO of Ryan Specialty Group, explained that insurance executives were “anxious to learn” how recent cyber losses would play out, touching cyber policies, property, D&O, and even more.
Ryan noted that the “hidden aggregation risks in cyber” were forecast by market visionaries, including Tom Bolt (then at Lloyd’s), but people did not respond at the time.
“These two claims [Merck and Equifax] illustrate how vulnerable the market is to cyber losses and how huge the losses can be, especially as the plaintiffs’ bar will try to wrap as many parties as possible into them,” said Ryan.
He added, “Clearly people will be learning about their aggregation risk the hard way today.”