The cyber insurance market could benefit greatly from more reinsurance cover but it has been a challenge to attract interest. Part of the reason is because the cyber market is a relatively new one compared to others in the property space with more adequate reinsurance options, according to a panel of experts.
“Cyber in general is a nascent peril, and because of its complexity … a lot of traditional reinsurers … are quite scared and they’re solely trying to understand the risk,” Anjali Dharma-Wardana, an underwriter with the MGA Envelop Risk, said during Carrier Management‘s cyber reinsurance webinar on Sept. 9.
She explained that reinsurers consider taking on risk when they understand how the risk is quantified, and need minimum rates and pricing and other structures to trigger coverage. For cyber, she said, “previously that’s never really happened.” While additional reinsurers haven’t signed on, the market has also struggled to attract ILS capacity or “some other force,” she said, unlike other property cover that’s more established.
Marc Voses, a litigator, cyber expert and partner at the law firm Clyde & Co., agreed.
“We’re in the early stages of this product and the development of the data with respect to the losses are still maturing,” Voses said. “The difficulty is that may of the lawsuits that are giving rise to the losses and many of the regulations that are giving rise to the first party costs are still developing, which are then also increasing costs for insurers and reinsurers because the losses and claims expenses are increasing year-on-year.”
Voses said that as a result, data points from five years ago that were considered good are no longer helpful in evaluating whether or not to take on risks.
“That’s where reinsurers and retrocessioners are finding difficulty in not only pricing, but also the willingness to take on the risk,” Voses said. “The evolution of the data is such that it doesn’t give consistency.”
In the interim, Dharma-Wardana said, the struggle to determine cyber’s true financial risk continues.
“It’s up to industry experts, whether they be reinsurers or modelers or whatnot, to figure out ways to quantify risk,” she said. “Historical data is not super relevant to when you’re trying to look forward for cyber risk especially. But there are different data sources you can try to look at, maybe using some complex or simple statistical techniques because cyber is a digital risk. So you can be creative with the types of data and the models that you build on it.”
Phil Edmundson, founder and CEO of Corvus Insurance, a cyber-focused MGA for small and medium-sized businesses, said that cyber’s nature as a digital risk creates some options to determine risk that enable insurers to quantify risk accurately.
“The fact that it is a digital risk and it’s the way the economy is moving, there’s actually a lot of energy around cybersecurity generally, and a lot of tools that are available for more modern insurers and reinsurers to use in order to evaluate risks, both at the individual account level and at the portfolio level,” Edmundson said.
He noted that both Envelop Risk and Corvus approach cyber risk this way, and he argued this is a positive development to make cyber coverage less risky.
Having “that kind of data infrastructure that collects data, both on individual accounts and in the aggregate allows for analytics to change and move with the nature of risk,” Edmundson said. “It’s a great change for us in the industry.”
That may be, but Edmundson admits that it will take some time for these approaches to become more widespread.
“I do think it’s going to take a couple of years for us to find a new equilibrium because supply is static and demand is increasing immensely,” Edmundson added.
*The full free webinar can be accessed at this link (signup is required).