Lead Forensics
Cyber Blog Image


The Big Question: Is the cyber market becoming too soft for the risks it writes?

12.06.24 The Big Question

Major cyber attacks are in the news on a daily basis, From the breach and capture of corporate data to a state sponsored attack which earlier this month paralysed three of the UK’s major hospitals, the threat is seemingly growing.

An example of insurance innovation and a response to a growing class of risks, the evolution of cyber insurance has not been a seamless one. The lack of claims data, the rapid and dynamic growth of technology use in every aspect of personal and business life and a huge uptick in ransomware claims had some underwriters rethink their participation some years ago. The sector looked to have calmed and rate increase had delivered some solid results to the point that reinsurers were taking a more proactive approach to the risks.

However, the class is not immune to the impact of the pricing cycle where all too often the promise of a hard market has seen capacity look to enter what had been for many uncharted territories, and with it drive competition and pressure on rates.

Ian Summers, Global Business Development Leader, AdvantageGo

Xavier Marguinaud head of cyber at Tokio Marine HCC International says the cyber market is in a state of flux and there are a number of dynamics that are and will impact the sector.

“The market is softening,” he explains. “It is not just a reduction in rates it is also an easing of the breadth of coverage.”

He said the past six months has seen regular negative risk adjustment rates within the insurer’s tracking of the market and with it has come lower attachment points and the wider cover.

“I would describe the market as naive at present,” explains Marguinaud. “We are seeing a top line approach and companies looking to write business to hit targets.”

In some ways he says pricing reductions are the least of the market’s worries as underwriters are not demanding a level of data required to technically price the risks.

“We are seeing some underwriters doubling down on lines sizes in an effort to access a greater share.”

However, Marguinaud says the current state of the cyber market is reminiscent of the D&O market from 2014-16 when rates were falling as claims continued to increase.

“Retentions are going down at present and we see a different direction of the market,” he adds. “However, I tell my team that this is a marathon not a sprint.

“We are seeing claims increase particularly at areas such as ransomware, and the growing geopolitical risks have seen a rise in state supported attacks.

“Sadly cyber is the new black in warfare. It is now seen as a weapon to be used.”

Marguinaud continues: “I continually tell my team there are no targets to be hit. It is and should be all about the bottom line.”

As the markets sees price reductions Marguinaud says brokers have a role to play to support the sector.

“Brokers need to speak to their clients about the current trends in the market,” he explains. “They have a responsibility to educate clients, and they cannot play a role in driving the market down.

“Brokers have to ensure that the market remains stable and that the class of business is secure.”

Marguinaud says the rise in premiums which had been driven by a spike in ransomware claims had seen revenues rise at a time when claims started to reduce. It created a false impression of the market but in doing so had attracted new entrants who see cyber as a positive class.

“Reality has set in,” he explains. “The market is now starting to recognise the reality of the threats they face.  However, we are continuing to see a degree of product evolution, with brokers pushing for broader wordings.

“The difficulty for underwriters is that the pricing reductions and the broader wordings have come at the same time.

“I am fine with where the market is as we understand the risks. The difference for the  new entrants is that they are not asking for the information which allows them to  understand what they are being asked to write.

“It is difficult, we are in a position where if you ask one additional question it can be the thing that sees the risk go elsewhere. Brokers will say they have five other markets  which are not asking those questions and as such they can take the risk to others.”

Marguinaud added that there are growing risks around the threat posed by non IT outsourced service providers (OSP) who may well prove to be the weak link in a company’s cyber security.

“At present we see companies facing contingent business interruption risks,” he explains. “A client may have 3,000 OSP and the market needs to be able to access the right levels of data.

“However, as I mentioned an additional question can suddenly prove too much. Loyalty is low at present in the market.”

Marguinaud adds that every and any market is made up of cycles. “For me there needs to be an eco-system created which will remove the volatility and excesses in those cycles.

“However at the end of the day currently there is no consensus.”

Marguinaud says that he expects that the current state of the cyber market will drive change.

“I am expecting the current pricing and coverage trends will start to subside by the end of Q2.

“Brokers understand the current system in unsustainable. We are seeing cyber-attacks on a daily basis.

“I think the market saw cyber as a short tail business and while it is not as long tail as liability risks the tail is not as short as we first thought.

“Reinsurers will start to impact market conditions particularly in terms of the level of capacity they are willing to provide for MGAs.

“We are already seeing changes for specific risks, and we are witnessing movement in the United States. That usually takes between three to six months to filter though to the UK and Europe and then slightly longer for Asia.”

Latest Insights