The cyber insurance market potential is huge, with premiums likely to exceed $50 billion by 2030, according to a new report by global insurance broker Howden.

With the potential to rival major P&C lines, future growth will be centered on successful distribution, tail risk management and attracting capital.

Howden’s third annual cyber report, Coming of Age, indicates the foundation for the cyber insurance market to scale up is already in place.

Fluctuations in the market, the result of a major correction due to surging ransomware claims in 2020 and 2021 that led to cyber premiums more than doubling and more robust risk controls, slowly stabilized.

The report cites developments in 2023 that point to a more nuanced marketplace, “with optimism around more favorable supply dynamics for insurance buyers (off the back of improved underwriting performance for insurers) tempered by resurgent ransomware activity, ongoing concerns about potential systemic losses and capital availability.”

A significant rise in ransomware attacks was report in the first quarter of 2023; however, carrier disclosures indicate there hasn’t been a corresponding rise in claims.

The risk controls put in place prior to 2023 have led to a more resilient market able to withstand the losses associated with it, the report found.

Buyers with correct risk controls already in place are seeing more favorable pricing and terms.

Though this shows a more stable market, the Howden report indicates more work needs to be done to meet the growing demands of clients worldwide.

“By overcoming potential limitations around systemic risk, penetration and capital, the cyber insurance market has an unparalleled opportunity to grow,” the report states.

While the cyber warfare exclusion was met with disdain, it was a necessary limitation to safeguard market protection as a whole.

“Getting this right is crucial for the sustainability of the cyber market. By providing a framework designed specifically for cyber’s unique risk profile, clients will be offered more certainty around the parameters of cover and what is insurable and what is not,” said Sarah Neild, head of UK Cyber Retail. “The process of defining the limits of cover specific to cyber acts of war will help to fulfill the potential of this market, but only if the clauses are fit for purpose and clients’ needs are met.”

Wider adoption of the war language is likely, the report notes.

“With one of the largest global reinsurers steadfast on the application of their war language, wider adoption seems inevitable, despite carriers’ disparate views on what adoption should look like,” Neild added. “Increased uniformity on this topic would ultimately help the market secure relevance for the long term.”

Increasing penetration will be necessary for future growth to happen.

Pricing increases in in the past led to future growth, but the first half of 2023 has seen the market flattening.

“Having navigated the early phases of development that often come with new, fast growing lines of business, the cost of cyber insurance is now more commensurate with loss costs following the recent correction. Whilst the first half of 2023 has seen pricing decline, the sustainability of this trend remains uncertain given the pervasive threat environment,” said Dan Leahy, associate director.

Leahy added that rates shouldn’t be relied on to drive market expansion.

Rather, “penetrating new territories and company demographics is therefore pivotal to realizing the full potential of cyber insurance,” he said.

Another change needed, is market expansion to mid-size and smaller companies.

The report found that in France, 85 percent of the premiums paid for cyber insurance in 2022 came from large companies. The remaining 15 percent came from midsize companies and SMEs but were responsible for a disproportionate share of reported claims.

The use of reinsurance is the single biggest differentiator between cyber and any other class of business, the report notes.

Approximately 45 percent of cyber premiums are currently ceded to reinsurers, where broad capacity constraints and price corrections present potential limitations.

To scale up to rival other major lines of business, the Howden report states that cyber reinsurance supply will need to increase significantly to meet demand between now and 2030.

Cyber insurance premiums would need to increase more than three times to fulfil growth expectations by the end of the decade, the report adds.

Consensus on risk definitions along with product innovation around systemic exposures are already attracting third-party investors, Howden added.

“Maintaining focus and momentum in this area will be crucial to seeing alternative capacity becoming an integral part of the cyber market’s capital structure,” the report states.

To grow in new territories and different economic markets, cyber insurance must be shown to be relevant to clients of all sizes.

“Attracting capital is also crucial to this goal,” the report states, “a task which should not be underestimated given current macroeconomic challenges and capital constraints.”