Consider the fact that cyber crime already exceeds $700 billion per year, according to S&P Global, but insured cyber losses are still only around $5 billion. Are we reaching a point where insurers talk to their clients about being mandated if loss ratios do not improve?

That was one of the main points from a panel discussion “Insurers grapple with a new (and rapidly changing) landscape” on Intelligent Insurer’s Re/insurance Lounge, an online platform where interviews and panel discussions are available on demand.

The event featured Kassie Bryan, head P&C Solutions Americas at Swiss Re; Seth Rachlin, global insurance industry leader at Capgemini; and Scott Bailey, divisional managing director of cyber at Markel International.

Cyber insurance growth is not adequate

Bailey said it is alarming to see how many clients say “this will never happen to me”.

“It can, and it will happen to you, and the reality is financial ruin,” he said. “With so many products and risk mitigation tools available, there is still an alarmingly low take-up of those cyber insurance offerings,” he added.

“Given the importance of technology in our lives, the market is expected to reach in the region of $20 billion by 2025.”

Bryan said the reinsurer estimates the current size of the market to be in the region of $5 billion, with an anticipated growth rate of 20 to 30 percent.

“The global cyber insurance market is maintaining solid growth momentum and cyber risks to businesses have increased significantly alongside adoption of more digital working during COVID-19 lockdowns,” she said.

Rachlin admitted that he is astounded by the slow growth of the cyber insurance market. “The estimated annual cost of cyber crime already exceeds $700 billion, but insured cyber losses are still only around $5 billion,” he said.

“In my opinion, we have not even come close to fully grasping the extent of the risk out there, and therefore the question must be: why is the cyber insurance market growing so slowly?”

Bryan added that the scope of the market and the risks have changed, and that COVID-19 has been a global teacher. She said that with remote working as well as broader economic changes, people and businesses may now be able to better acknowledge and recognise those ever-changing risks and the adequacy of their policy coverage.

“COVID-19 has provided its own education in terms of cyber risk. With remote working, cyber losses have increased significantly,” she said. “Criminals are simply looking for an easy way to break in and no matter how good your security is, criminals will continue to advance.”

Rachlin said that even prior to the COVID-19 pandemic, cyber risk was the top peril for organisations globally. “It ranged from business interruption to ransomware, and let us not forget that now we have the added complication of supply chain risk,” he said.

“With remote work, there is a cascading effect, and every supplier is a point of entry.”

Loss ratios could shift the market

The threat landscape is changing at such a rapid rate that insurers may need to reconsider their strategic aims and objectives around their cyber offering, Rachlin said.

“The threat landscape is changing at such a phenomenal rate that we may ultimately see that insurers are left with no choice but to move from a risk transfer to a risk-sharing scenario,” he said.

Bailey added: “There is real value in the things we know and the things we have seen. If loss ratios don’t improve, we may reach a point where insurers mandate that those risk mitigation tools are used rather than just being optional.”

He went on to say that the future of pricing will be impacted as we see a supply and demand dynamic dictating the market and that new forms of re/insurance capacity will begin trickling through.

“There will be a risk-by-risk approach to pricing with a 20 to 30 percent increase in pricing,” he added.

Bryan said that cyber is an evolving risk and in future the industry might need to adapt its products for different clients at adequate prices to close the protection gap in a more sustainable way.

She explained that pricing changes will depend on what mitigation strategies clients have in place. “It follows that as exposure increases, so will pricing changes and costs will depend on what mitigation strategies people have in place.”

Bailey agreed that there may be a possibility for some bespoke offerings.

“Sustainability will become a key factor and it may no longer be a one-size-fits-all scenario and we may see some tailored offerings come out in the future,” he said.

Rachlin called for greater collaboration and said that cyber insurance must become woven into the fabric of our society.

“There is a tremendous future for the cyber insurance market because in the end it must form part of every business,” he concluded.

To view the full Re/insurance Lounge session click here

Image courtesy of Shutterstock / Everett Collection