Erica Davis and Anthony Cordonnier discuss how (re)insurers are adopting new underwriting tactics to address the evolving cyber risk environment.

Cyber insurance

2021 has been a year of change in the cyber insurance market. Recent events have shown that cyber is a risk that requires attention, expertise and solutions. Ransomware continues to dominate headlines with regular attacks across industries and companies of all sizes, while the potential for a major systemic cyber event remains.

What has led us here?  

We’ve experienced a change in loss activity as the sophistication of phishing emails, data theft and ransomware continues to mature, while long-tail privacy-related claims remain a concern.  

Beyond that, economies and societies have become ever more technology-reliant. Cloud usage, remote working and technology service outsourcing have soared, resulting in an expansion of our digital footprint and resulting attack surface. Supply chain risk is less transparent to assess, yet increasingly vulnerable to disruption.  

Recent supply chain compromises over the last 12 months have reignited the uncertainty of cyber risk aggregation. The ripple effect of a ransomware attack on Colonial Pipeline had widespread impact on the US fuel supply chain, and attacks on SolarWinds, MS Exchange and Kaseya severely impacted those companies’ user bases.

Supply chain vulnerabilities in the last 12 months

What has been the market reaction?

Across the industry, loss development assumptions for cyber risk are again being revisited to reflect the effect of the latest claims activity. Responding to a continued uptick in both frequency and severity, this was a year of action for cyber underwriters:

  • Pricing requirements are being recalibrated, with Marsh’s global client base averaging over 50 percent in rate increases in the second quarter of 2021 and rates continuing to climb into the third quarter. Furthermore, underwriters are being more cautious in deploying limits, with co-insurance and sub-limits being used to manage ransomware exposures.
  • In addition to pricing, underwriters globally are increasing the depth of their risk assessments (use of technology vendors, expanding assessment of ransomware and supply chain risk).

How do these actions translate into the reinsurance arena?

Cyber portfolio results will benefit from the implementation of these underwriting tactics.

Globally, cyber reinsurance capacity is being deployed discriminately, with key considerations being performance against peers, strategy in respect of ransomware, and level of transparency and timeliness of data.  

Those dynamics mean cyber risk quantification has never been more critical. The industry must work to develop modelling scenarios that are realistic, relevant and appropriate for cyber risk. Analytic insights will be used to shape views on cyber risk and to determine if it is outside an insurer’s tolerance levels.

Beyond cyber product modelling, Guy Carpenter’s clients are concerned with systemic cyber risk and the intricate methods around managing that risk. The responses to these questions are crucial.

  • In a catastrophic cyber event, how will my portfolio respond?
  • How do I manage the potential downside risk?
  • How can I measure the impact of cyber scenarios across my various portfolios and manage volatility?

Cyber risk is moving quickly. Sharing our collective knowledge and capabilities across our global cyber team and tracking developments across the cyber ecosystem has made Guy Carpenter an agile partner as we offer our clients these insights.