In a reinsurance market beset by challenges, cyber reinsurance is a trend-buster. Cyber insurance underwriting is expanding with unprecedented speed. Growth in demand for cyber insurance outpaced that of all other classes in the US this year. I expect that growth will continue until eventually, world-wide, cyber is as large a class of business as property or casualty, and reinsurers have an instrumental role to play in this development.
Cyber risks are not constrained by geographical boundaries, as recent attacks have proved. The notorious 2017 NotPetya ransomware attack triggered upwards of $3 billion in cyber claims, according to Capsicum Re partner PCS, the Property Claims Services. Most of the claims were made under non-affirmative or silent cyber coverage. The financial magnitude of the event for insurers has altered understandings of silent cyber, perceptions of its character as a substantial multiline peril, since it brought claims in sectors as varied as banking, pharmaceuticals, and shipping. That exposed the potential for substantial multinational losses which cut across multiple portfolios, and damage insurers through accumulation. Because such accumulations could materially alter insurers’ financial position, they are keen to garner reinsurance protection.
The potential for such accumulations has led some reinsurers to steer away from cyber exposures. For those with a bolder risk appetite, this reluctance comes as good news.
An enormous opportunity exists in selective cyber underwriting, supported by increasingly standardised policy terms and conditions. Meanwhile the secondary risk market becomes increasingly attractive as more insureds turn to affirmative cyber, and innovations such as the first and only Industry Loss Warranty for cyber risk (completed by Capsicum Re based on an index devised by PCS) provide reinsurers with retrocessional protection.
As the stand-alone cyber market evolves, and risks are better delineated despite the lack of historical data and the evolving nature of the hazard, many reinsurers are seeking to expand their cyber books by deploying affirmative cyber capacity. Meanwhile modelling tools are evolving rapidly, as something of an arms-race between third-party vendors drives development. Although still in their early stages, data and models are improving very rapidly. Numerous companies have brought tools to the table, including Envelop Risk, which deploys artificial intelligence to model cyber risks; Guidewire, which similarly uses sophisticated analytics; established catastrophe modeller AIR Worldwide, which is working on silent-cyber modelling; and Kovrr, which claims to have developed a ‘fully integrated silent cyber solution’.
As the market moves towards a PC&C structure – Property, Casualty & Cyber – that pace of evolution will increase even more. Standalone cyber premiums are already stimulating expansion of carriers’ cyber expertise, and therefore the market’s ability to underwrite and aggregate cyber risk across sectors. That makes reinsurance of the class a much more secure proposition, and an exceptional opportunity to gain profitable, diversifying premium income in an exciting new class of business which can only continue to grow.
Ian Newman, global head of cyber, Capsicum Re