With cyber attacks and insurance claims on the rise, leading cyber insurers AIG, AXIS, Beazley, Chubb, The Hartford, Liberty Mutual Insurance and Travelers have formed a company to pool their data and expertise and take collective efforts to enhance cyber risk mitigation efforts across the insurance industry.
The new entity, called CyberAcuView, will compile and analyze cyber-related data to enhance value and service to policyholders and help insurers sustain a competitive market for cyber insurance.
CyberAcuView’s activities will be conducted under strict antitrust review and guidance, according to the announcement.
Mark Camillo, most recently head of Cyber, EMEA at AIG, has been appointed CEO.
CyberAcuView is 100%-owned by the founding seven member carriers, six of which are among the top 10 insurers in the market based on 2020 direct written premium, according to AM Best. (Liberty Mutual ranks 14th.) The new company will invite other direct writers of cyber insurance to be associate members, according to its website.
The founding members of CyberAcuView said they will address cyber risk mitigation by:
- providing industry best-practices to improve resilience to cyber risk;
- proactively engaging with regulators, law enforcement and other security agencies to counter cybercrime and the rapid rise of ransomware;
- developing systemic risk solutions and advancing cyber policy language to improve market efficiencies; and
- analyzing cyber trends to provide enhanced visibility on cyberattacks and the causes of loss so that insurers can identify critical controls and educate policyholders on loss prevention strategies.
Joining Camillo on the leadership team is Monica Lindeen, former Montana Insurance Commissioner, who will serve as director of Regulatory Affairs, and James Schweitzer, a veteran of the FBI and former chief operating officer of the National Insurance Crime Bureau (NICB), who joins as director of Law Enforcement Engagement.
“The cyber landscape continues to evolve with coordinated attacks becoming more frequent and disruptive,” said Camillo. “Combining resources from across the insurance industry will allow us to better understand cyber trends, anticipate and potentially mitigate future attacks, and help improve overall cyber resilience.”
The announcement of the collective effort comes after a report by AM Best advised that the industry must totally reassess its approach to cyber risk.
With the cyber risk hazard environment—ransomware, business interruption and aggregation—worsening significantly, “prospects for the U.S. cyber insurance market are grim,” according to the report.
According to AM Best analysts, insurers “urgently need to reassess all aspects of their cyber risk, including their appetite, risk controls, modeling, stress testing and pricing, to remain a viable long-term partner dealing with cyber risk.”
The reassessment is needed because cyber insurance, which began as a diversifying, secondary line and another endorsement on policies, is now a “primary component of a corporation’s risk management and insurance purchasing decisions,” notes AM Best in its report, “Ransomware and Aggregation Issues Call for New Approaches to Cyber Risk.”
Fitch Ratings analysts have noted that while U.S. insurers have been raising prices and taking underwriting action in response to a spike in cyber claims, immediate improvement is unlikely this year from these actions and insurers are worried about the long-term.
“The cyber market faced a reckoning in 2020, as loss experience deteriorated, particularly from an influx of ransomware incidents,’ said Fitch Managing Director James Auden. ‘While cyber premium rates are rising sharply, concerns remain that underwriters can successfully price this business longer term.”
Cyber insurance direct written premiums for the property/casualty industry rose sharply 22% last year to over $2.7 billion, reflecting expanding demand for coverage. The industry statutory direct loss plus defense & cost containment (DCC) ratio for standalone cyber insurance rose sharply in 2020 to 73% compared with an average of 42% for the previous five years (2015-2019). The average paid loss for a closed standalone cyber claim moved to $358,000 in 2020 from $145,000 in 2019.
According to Fitch, cyber insurance is a growing but relatively small business line in U.S. P/C insurance, representing less than 1% of industry direct written premiums. Segment market share remains relatively concentrated, with the top five writers holding 50% market share and the top 20 writers maintaining 87% market share in 2020. The top three U.S. cyber writers are unchanged from the prior year: Chubb Limited (15% direct market share); AXA XL (11%); and American International Group, Inc. (AIG, 8%).
Losses tied to ransomware attacks have become more prominent in the last two years with a number of incidents already this year. Fitch said pricing for cyber coverage has increased at an “accelerating rate” over the last two years.