“Global cyber insurance market set to reach $7.5 billion threshold by 2020” states PwC report

The global cyber insurance market could grow to $5 billion in annual premiums by 2018

The global cyber insurance market could grow to $5 billion in annual premiums by 2018

The global cyber insurance market could grow to a value of $5 billion in annual premiums by 2018 and at least $7.5 billion by the end of the decade. That’s the considered viewpoint espoused in ‘Insurance 2020 and Beyond: Reaping the Dividends of Cyber Resilience’, a new report issued by PwC.

Previous research conducted by the company has revealed that 61% of business leaders across all industries view cyber attacks as a threat to the growth of their company, while 2014 saw an average of 100,000 global security incidents every day.

Paul Delbridge, insurance partner at PwC, told Risk UK: “Given the high costs of coverage, the limits imposed, the somewhat tight Terms and Conditions and the restrictions on whether policyholders can claim, many of those policyholders are now questioning whether their policies are delivering real value. There’s also a real possibility that overly onerous Terms and Conditions laid down in policies could invite regulatory action or litigation against the insurers involved.”

Delbridge continued: “As Boards of Directors become increasingly focused on the need for safeguards against the most damaging cyber attacks, insurers will find their clients questioning how much real value is offered in their current policies. If insurers continue to simply rely on tight blanket policy restrictions and conservative pricing strategies designed to cushion the uncertainty, they’ll be at serious risk of missing the rare opportunity to secure high margins in a soft market.”

In a stark warning, Delbridge added: “If the industry takes too long to innovate, there’s a very real risk that a disruptor will move in and corner the market with aggressive pricing and more favourable Terms and Conditions.”

Capitalising on the opportunity

PwC suggests that insurers, reinsurers and brokers can capitalise on the cyber risk opportunity while managing the exposures by maintaining their own cyber risk management credibility through effective in-house safeguards against cyber attacks.

Also, the robust modelling of exposures and potential losses will provide a better understanding of the evolving threat and could encourage more reinsurance companies to enter the market.

PwC believes that there’s an overriding need to identify concentrations of exposure and systemic risks in what is now an increasingly inter-connected economy. The evaluation of probable maximum losses and extreme events/scenarios is key. They should be monitored and modified on a regular basis as new types of attack arise.

Equally important is the monitoring and assessment of trends in frequencies and severities when it comes to attritional and larger losses, and also the types of attack being perpetrated.

Partnering, sharing and co-ordinating is vital, suggests PwC, and specifically in terms of:

*Partnering with technology companies and intelligence agencies to develop an holistic and effective risk evaluation, screening and pricing process

*Data sharing between insurance companies with a view to securing greater pricing accuracy

*Finding a risk facilitator – possibly the broker – to bring all parties (corporations, insurers, reinsurers and policymakers, etc) together in order to co-ordinate risk management solutions (including global standards set for cyber insurance)

Highlighting weaknesses, planning the response

Making coverage conditional on a full and frequent assessment of policyholder vulnerabilities and agreement to follow agreed prevention and detection steps could include exercises that mimic attacks designed to highlight weaknesses and plan for responses. Replacing annual renewals with real-time analyses and rolling policy updates is another proposal put forward in the new report.

Delbridge added: “For the insurer, cyber risk is, in many ways, a risk like no other. Equally, it’s an opportunity. Insurers who wish to succeed will base their future coverage offerings on conditional regular risk assessments of client operations and the actions required in response to these reviews. A more informed approach will enable insurers to reduce uncertain exposures while at the same time offering clients the types of coverage and attractive premium rates they’re beginning to ask for in increasing numbers.”

According to PwC, insurers also need to continue to invest “appropriately” in their own cyber security on the basis that a business which cannot protect itself cannot expect policyholders to trust it to protect and advise them.

“Given the huge volume of medical, financial and other sensitive information they hold,” urged Delbridge, “it’s critical that insurers have closely monitored and highly effective cyber security frameworks in place. Sustaining credibility in the cyber risk market is crucial when looking to become a leader in this fast-growing market. If trust is compromised it would then be extremely difficult to restore brand reputation.”

*Download your copy of ‘Insurance 2020 and Beyond: Reaping the Dividends of Cyber Resilience’ at this link: http://pwc.to/cyber

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts