Cyber Insurance: A Growth Opportunity with Unique Risks

Fitch Ratings’ Report: Cyber Insurance — Risks and Opportunities (Global Non-Life Insurer Underwriting Exposures Examined)

Chicago, IL (Sept. 27, 2017) – Cyber insurance has been a profitable business line for early market entrants and is a rapid growth segment, with global premium volume set to increase six- to eightfold within a decade, Fitch Ratings says.

We expect cyber insurance business to be ratings neutral for most highly rated insurers with sound underwriting, particularly as it represents a relatively modest percentage of individual insurers’ overall premium volume and risk exposure.

Cyber insurance is an emerging business line that presents unique, new risks for insurers. Limited historical loss data creates difficulty in pricing coverage. The nature of cyber risk and the wide variety of potential cyber events add to challenges in quantifying risk aggregations and catastrophe loss potential. A lack of standardized policy language and terms can also lead to meaningful differences in individual carriers’ product offerings, which is a source of confusion and uncertainty for policyholders.

Insurers that lack cyber underwriting expertise, poorly manage their risk accumulations or fail to recognize loss potential from “silent” cyber exposure in their traditional commercial insurance products could face pressure on earnings, capital or even ratings, if large loss scenarios emerge as the market expands. Unduly large cyber risk aggregations of specific insurers may not become evident until after a large or catastrophic cyber event.

The benefits of geographical diversification for an insurer’s credit profile are not necessarily as strong for cyber exposure relative to other insurance lines. Recent ransomware attacks show that digital interconnectedness across the world can lead to a very wide geographic footprint for a single cyber disaster. Risk concentrations may be more correlated to factors other than industry or geography, such as concentrated exposure to one electronic payment processor or firewall system.

The global market for stand-alone cyber coverage is estimated to have grown to between USD2.5 billion and USD3.5 billion annually. Growth is being driven by increasing risk and awareness of cyber attacks, such as the recent theft of an estimated 143 million individuals’ personal data from credit monitoring agency Equifax between May and July 2017. More active cyber regulation in the U.S. is a prime factor behind an estimated 90% of global cyber premium originating there.

Developing cyber regulation in Europe and elsewhere is likely to spark demand for coverage. The European General Data Protection Regulation (GDPR) implementation in May 2018 will introduce more stringent notification requirements that increase awareness of the prevalence of data breaches. The GDPR will also expose organizations to large fines for data breaches – up to 4% of turnover – although it is not clear whether insurance would be allowed to cover these.

The report is available here: Cyber Insurance – Risks and Opportunities.

Source: Fitch Ratings


Tags: , , ,