What is motivating cyber (re)insurance sales? Guy Carpenter’s Cyber Year in Brief and 2020 Outlook explores how the threat of ransomware and associated high costs of regulatory actions have driven clients to purchase cyber insurance cover for the first time, or to reassess the adequacy of currently purchased limits.
Factors driving cyber insurance sales on the direct side include:
• Swelling regulatory pressure driving cyber risk awareness at a governance level. The California Consumer Privacy Act (CCPA) represents one of the toughest data privacy laws in the United States. The CCPA, which took effect in January 2020, requires companies that store large amounts of personal information to disclose the types of data collected and to allow consumers to opt out of having their data sold. Taking a cue from California’s playbook, many other states have introduced their own consumer privacy and data security laws.
• An increase in the frequency and severity of ransomware attacks for businesses across a wide spectrum of industries, geographies and revenues.
• A push for clarification of cyber cover under non-traditional policies, with the goal of eliminating silent cyber uncertainty. This is driving the purchase of standalone cyber insurance as clients realize their traditional policies may not give them the coverage they assumed they had.
• Seamless interconnectivity between digital and traditionally non-digital environments is increasing, highlighting the inherent vulnerabilities of The Internet of Things and operational technology.
• A lack of dedicated resources and a growing awareness of the criticality of getting back up and running following an attack are increasing the realization among clients and small- and medium-sized enterprises of the need for breach response services.
Factors driving cyber sales on the reinsurance side include:
• A 25 percent year-over-year increase in direct sales of cyber cover, increasing the size of insurer portfolios.
• Growing concerns about escalating attritional losses and the fear of a systemic or catastrophic loss despite profitable experience.
• Robust reinsurer appetite to deploy cyber capacity due to favorable loss ratios and a growing premium base.
• Ongoing investment and elevated expertise across the industry that are generating refreshed reinsurance structure design and driving innovative new product development.
• Insurers are clarifying coverages under non-cyber traditional policies and pushing more exposure to the cyber market.
• More sophisticated quantification methods that help to build risk tolerance, develop views of risk and inform reinsurance structures are emerging.
• Increased awareness of catastrophe loading uncertainties and systemic risks.