S&P Global Offerings
Featured Topics
Featured Products
Events
S&P Global Offerings
Featured Topics
Featured Products
Events
S&P Global Offerings
Featured Topics
Featured Products
Events
S&P Global Offerings
Featured Topics
Featured Products
Events
Language
Featured Products
Ratings & Benchmarks
By Topic
Market Insights
About S&P Global
Corporate Responsibility
Diversity, Equity, & Inclusion
Featured Products
Ratings & Benchmarks
By Topic
Market Insights
About S&P Global
Corporate Responsibility
Diversity, Equity, & Inclusion
The insurance industry faces threats from cyberrisk in more ways than one. From battling extortion attacks to wrestling with war exclusions, cyber insurers are combatting risks beyond database breaches. Our latest technology research roundup explores the cyber and insurance space, where technology and environmental, social, and governance (ESG) risks converge.
Published: February 10, 2020
Insurance professionals and their business clients have made important strides clarifying coverage for losses from hacks, according to a recent survey.
As the number of high-profile breaches mounted, uncertainty over whether those attacks would be covered by insurance became a growing risk to the industry's reputation, said Andrew Laing, PartnerRe Ltd.'s head of global cyber and emerging risks. Concerns over so-called silent cyber risks increased as clients expected to be covered by commercial policies that did not mention internet-related vulnerabilities one way or the other.
Respondents to an annual survey conducted by PartnerRe and Advisen Ltd. indicated a decreasing overlap between cyber coverage and more traditional policies and a trend of underwriters and brokers more clearly outlining protection from hack losses. But concern among insurance professionals has not dissipated, with 67% of survey respondents saying they were still worried about the presence of silent cyber expectations lurking among clients of specialty property insurance.
Key Takeaways
Cyber liability insurers have been taking on previously unwritten risks as companies expand coverage in the sector while keeping prices steady.
Capacity has grown sharply even as losses rose in recent years, said Joe DePaul, Willis Towers Watson PLC's head of cyber and E&O for FINEX North America. That has led to a competitive pricing environment.
Losses climbed as database breaches surged across the globe, and as managing and responding to attacks have become more expensive, Willis said in an annual report on cyber risk. However, no loss events have been catastrophic enough to frighten away new entrants or tamp down ever more generous terms and conditions, DePaul said.
Key Takeaways
The target market for cyber liability insurance is expanding beyond the largest financial, healthcare and retail companies to local contractors that work with those big names and may represent an outsized level of risk.
Indemnification for cyber breaches is becoming part of the requirement for doing business with larger companies, said Ari Vared, vice president at broker CyberPolicy.com. More of those larger companies are requiring their third-party contractors to buy policies as part of their own cyber liability protection, Vared said in an interview.
"Anytime they have a third party that is connecting into their system, there's this massive element of risk that they have no ability to control through their own cybersecurity measures," he said.
London market insurers are working to clarify the war exclusions in cyber insurance policies amid concerns about an increase in state-sponsored cyberattacks.
While progress is being made, there is little consensus on what constitutes modern-day war, and insurers are trying to strike the difficult balance between providing sufficient cover and avoiding financial ruin.
Key Takeaways
Cyberrisk will make its way to the insurance-linked securities market "sooner than later," according to Paul Schultz, CEO of broking group Aon PLC's investment banking division, Aon Securities.
A number of hurdles exist to the transfer of cyberrisk to the insurance-linked securities, or ILS, market, such as the relative lack of sophistication of cyberrisk models and the potential for cyber losses to be correlated with other risks in investors' portfolios. But speaking to S&P Global Market Intelligence at the reinsurance Rendez-vous in Monte Carlo, Schultz said: "I think we're closer."
Key Takeaways
Shadowing the rapid growth of cyber liability insurance has been an ominous trend of more frequent cyber extortion hacks with higher monetary demands, attacks so effective that victims increasingly feel pressured to pay the hackers off quickly.
The cyber insurance market has expanded rapidly but still lacks the historical loss data on which underwriters in most lines rely to design and price coverage. Insurers have long offered extortion and kidnap coverages, but law enforcement has traditionally counseled against paying criminals' demands because doing so encourages more attacks.
Key Takeaways