Blogs
The Big Question: Is the cyber market becoming too soft for the risks it writes?
Major cyber attacks are in the news on a daily basis, from the breach and capture of corporate data to a state sponsored attack which earlier this month paralysed three of the UK’s major hospitals, the threat is seemingly growing.
An example of insurance innovation and a response to a growing class of risks, the evolution of cyber insurance has not been a seamless one. The lack of claims data, the rapid and dynamic growth of technology use in every aspect of personal and business life and a huge uptick in ransomware claims had some underwriters rethink their participation some years ago. The sector looked to have calmed and rate increase had delivered some solid results to the point that reinsurers were taking a more proactive approach to the risks.
However, the class is not immune to the impact of the pricing cycle where all too often the promise of a hard market has seen capacity look to enter what had been for many uncharted territories, and with it drive competition and pressure on rates.
Ian Summers, Global Business Development Leader, AdvantageGo
Xavier Marguinaud, Head of cyber at Tokio Marine HCC International says the cyber market is in a state of flux and there are a number of dynamics that are and will impact the sector.
“The market has been softening for around 6 months now,” he explains. “It is not just a reduction in rates, there are also difficulties experienced in accessing important underwriting information.”
He said the past six months has seen regular negative risk adjustment rates within the insurer’s tracking of the market and with it has come lower attachment points and the wider cover.
“I would describe the market as behaving unwisely at present,” explains Marguinaud. “We are seeing a top line approach and companies looking to write business to hit targets.”
In some ways he says pricing reductions are the least of the market’s worries as underwriters are not demanding a level of data required to technically price the risks.
“We are seeing some underwriters doubling down on lines sizes in an effort to make up for the rate reduction impacting their renewals.”
“Retentions are going down at present and we see a different direction of the market,” he adds. “However, I tell my team that this is a marathon not a sprint.”
“We are seeing claims increase particularly in areas such as ransomware, and the growing geopolitical risks have seen a rise in state supported attacks.”
“Sadly cyber is part of the arsenal used by combatants in modern warfare.”
Marguinaud continues: “I continually tell my team there are no targets to be hit. It is and should be all about good risk selection.”
As the market sees price reductions Marguinaud says brokers have a role to play to support the sector.
“Brokers need to speak to their clients about the current trends in the market,” he explains. “They have a responsibility to educate clients, and they cannot play a role in driving the market down.”
“Brokers have to ensure that the market remains stable and that the class of business remains relevant.”
Marguinaud says the rise in premiums which had been driven by a spike in ransomware claims had seen insurers’ profit rise while claims started to reduce. It created a false impression of safety and in doing so had attracted new entrants who see cyber as a positive class.
“Reality has set in,” he explains. “The market is now starting to recognise the reality of the threats they face. However, we are continuing to see a degree of product evolution, with brokers pushing for broader wordings.”
“The difficulty for underwriters is that the pricing reductions and the broader wordings have come at the same time.”
“I am fine with where the market is as we understand the risks. The difference for the new entrants is that they are not asking for the information which allows them to understand what they are being asked to write.”
“It is difficult, we are in a position where if you ask one additional question it can be the thing that sees the risk go elsewhere. Brokers will say they have five other markets which are not asking those questions and as such they can take the risk to others.”
Marguinaud added that there are growing risks around the threat posed by IT and non-IT outsourced service providers (OSP) who may well prove to be the weak link in a company’s cyber security.
“At present we see companies facing contingent business interruption risks,” he explains. “A client may have 3,000 OSP and the market needs to be able to access the right levels of data.”
“However, as I mentioned an additional question can suddenly prove too much. Loyalty is low at present in the market.”
Marguinaud adds that every and any market is made up of cycles. “For me there needs to be an ecosystem created which will remove the volatility and excesses in those cycles.”
“However, at the end of the day currently there is no consensus.”
Marguinaud says that he expects that the current state of the cyber market will drive change.
“I am expecting the current pricing and coverage trends will start to subside by the end of Q2.”
“Brokers understand the current system is unsustainable. We are seeing cyber attacks on a daily basis. “
“I think the market saw cyber as a short tail business and while it is not as long tail as liability risks the tail is not as short as we first thought.”
“Reinsurers will start to impact market conditions particularly in terms of the level of capacity they are willing to provide for MGAs.” “We are already seeing changes for specific risks, and we are witnessing movement in the United States. That usually takes between three to six months to filter through to the UK and Europe and then slightly longer for Asia.”