Davis, who was promoted to global co-head of cyber at Guy Carpenter in April, stated that the primary insurance market is witnessing “massive” rate increases driven by the frequency and severity of ransomware claims.

Davis added that primary rates increased significantly in the US during the third quarter, but warned that soaring premiums may not be enough to allay concerns over rising claims.

“There is an acknowledgement across the industry that rate alone won’t solve some of the industry-wide impacts created by ransomware,” Davis told The Insurer TV.

“Across the primary side we are seeing coverage contractions, limit reductions, and we’re seeing greater underwriting discipline being practised.”

Davis said reinsurers have so far been receptive to these changes, noting that most carriers have been supportive of the shifts in their cedants’ underwriting strategies.

“They acknowledge and recognise the fact that cyber is a key growth area across the industry,” she explained.

But the executive noted that reinsurers, like their cedants, are approaching cyber risk cautiously, placing a greater focus on risk management and portfolio clarity to differentiate between clients.

“They [reinsurers] are ingesting more underwriting information and data as part of their due diligence process and they are the deploying capacity discriminately. Reinsurers are looking for an understanding of the underwriting strategy, particularly for ransomware. They want confidence in the underwriting teams and in the leadership, and they are differentiating their cedants accordingly as a result of that,” Davis continued.

Despite greater caution, “very few” reinsurers are exiting the cyber market. Davis explained that those with a track record in the cyber market are supporting treaties and remain “very active in the market”.

“There is an understanding that the last 24 months have really been more about lessons learned, growing pains in the market,” she added.

The reinsurance capacity challenge

Reinsurance capacity remains a challenge, said Cordonnier. The former Swiss Re cyber lead, who joined Guy Carpenter last month, explained that capacity has come under pressure in the last 18 to 24 months with difficulties focused more on the demand side rather than supply side.

“The growth of the direct insurance market, combined with substantial rate increases, means that there’s a gearing effect in terms of capacity needed by cedants, particularly on non-proportional covers,” Cordonnier explained. 

Davis added that Guy Carpenter has been actively trying to source new capacity to support its clients and their portfolios. The executive noted that as cyber is a growing risk, greater participation and thought leadership from the reinsurance community is needed to create a robust and sustainable cyber market.

Cordonnier was optimistic on the market’s prospects for attracting new capital, particularly from the ILS sector. He said Guy Carpenter is seeing growing interest from ILS funds to look at cyber risks, adding that the reinsurance intermediary has already received a positive reaction to opportunities it has presented to investors.  

But the market still has work to do in order to attract alternative sources of capacity, he said.

“We must be able to define what the parameters of a cyber event are. For example, what does a malware attack look like from the perspective of the number of machines impacted? What does a cloud outage look like when we start drilling into actual business interruption losses?” Cordonnier explained.

“We need to be able to structure the risk in such a way that we are able to scale up and build more widespread interest aside from those niche players,” he continued.