Cyber risk insurance is the fastest growing segment in property/casualty insurance with an estimated $3 billion in premiums in 2015 and anticipated to triple in four years. Approximately 50 insurance carriers now offer some form of standalone cyber insurance coverage. Cyber attacks pose dangerous risks and uncertainty across industries and insurers' aggressive expansion into standalone cyber insurance could be credit negative according to a report from Fitch Ratings.
"Cyber risks are a broad peril affecting organizations of all sizes and in all market sectors. Insurance losses can materialize from several existing products including standard commercial liability, property, business interruption and professional liability and potentially several unforeseen product lines," said James Auden, Managing Director at Fitch.
Traditional insurance risks and loss expectations such as catastrophe and natural disasters are fairly well modeled and understood, but modeling and available data for cyber risk is in its infancy. An attack on a power grid or other major infrastructure could have a wider geographic scope than a natural disaster or conventional bomb attack, and a lack of past precedents creates numerous questions regarding claims and coverage. The relative newness of cyber risk creates challenges for insurers in establishing policy terms and pricing risk.
"Determining loss exposures from a cyber catastrophe is difficult as it requires an assessment of events that are feared, but not yet experienced in reality," said Auden.
Fitch believes that insurers' ability to monitor and evaluate cyber risks will continue to evolve in the short term, opening up new opportunities to meet growing customer demand. Market limits have been increasing. According to Marsh, McLennan Companies, Inc., large companies, defined as those with revenue exceeding $1 billion, purchased 22% higher cyber insurance limits on average in 2014. The highest limits are being purchased by financial institutions with the lowest limits being purchased by education.
The insurance industry relies heavily on information systems, including mobile devices, to manage and administer their daily operations. Insurers face similar internal operational risks from cyber exposures as their corporate customers face. The onset of cyber threats creates challenges for insurers to securely protect data records, including private customer information, and quickly adapt and recover from any business disruption.
"At this stage, Fitch would view aggressive growth in standalone cyber coverage, or movement to high portfolio concentration in cyber, as ratings negatives. Underwriting, pricing and reserving uncertainties currently outweigh the potential earnings growth benefits," said Auden. Controlled growth as part of a diversified portfolio, coupled with continually enhanced underwriting standards, would generally be neutral to ratings.
- PDF REPORT: Counting The Cost Cyber Exposure Decoded
- PDF REPORT: Safety and Shipping Review 2016
- Two-Thirds Of Business Decision Makers Expect To Suffer An Information Security Breach
- HITRUST CSF Certification Provides Enhanced Coverage And Reductions In Cyber Insurance Premiums
- PDF REPORT: The Threat To Our Cybersecurity Foundation
Latest from Cyber Policy Magazine
- Silent Cyber Added To Willis Re’s Cyber Portfolio Management Tool PRISM-ReTM
- Companies Will Make Major Enterprise Wide Changes To Address Cyber Risk In 2018
- DAS Spain Launches DAS Cyberbullying Insurance
- BDO Advises Urgent Assessment Of Cyber Risk And Warns Against ‘One Size Fits All’ Cyber Insurance
- XL Catlin Introduces CyberRiskConnect - Enhanced Cyber & Technology Insurance Coverage In North America