Pivot for success: navigating the $30bn cyber market-in-waiting
Insurers need to be prepared to pivot in the cyber insurance market to realise its full potential because the loss landscape changes fairly quickly, says Catherine Rudow, global head of cyber reinsurance at Everest.
But it is worth the effort as the market is very much in “growth mode” and its prospects are pulling in capacity, she tells Intelligent Insurer. Rudow thinks the market could grow to around $30 billion in the next seven to 10 years—and that’s a conservative estimate, she says.
The reasons for such growth are many. Rudow points to its historic profitability, for one. “Publicly available data shows that the market has been profitable for most years, and that the recent measures insurers have taken to combat the rising ransomware problem has returned the market to profitability,” she says, adding that growing awareness of cyber risk and exposure has prompted many buyers not just to improve their cybersecurity but to buy insurance.
“With tight underwriting controls and continuous training, we can expect to bridge that talent gap.” Catherine Rudow, Everest“Even in the US where this product is probably the most mature, there are still new buyers and cyber exposures continuously pose new threats. This drives increased demand for cyber insurance solutions across the globe.”
The class has received a welcome boost from the growing number of resources that write and monitor risks. Rudow says there have been “heavy investments” in such tools from carriers and vendors. This has improved the ability to assess and monitor portfolios, and to manage the aggregation, she adds.
Key market challenges
Cyber insurance is not all plain sailing and Rudow is clear about the challenges. She flags up the talent shortage which she says is “felt acutely” in this market because cyber is a relatively new line of business, which has grown quickly. However, she adds: “It’s an exciting line of business and it is attracting good talent. With tight underwriting controls and continuous training we can expect to bridge that talent gap.”
The fast-evolving cyber loss landscape is another challenge. Rudow says that after a “fairly benign 2022”, there is now evidence that threat actors are reorganising and increasing the number of cyber attacks.
“In the US, we’re seeing more third party loss activity associated with privacy regulation. So the constant changes in the loss landscape are very challenging for insurers.”
Navigating evolving losses means “insurers need to be prepared to pivot” in this market, she says, which can be done using pricing, coverage restrictions, limits management and underwriting controls that focus on problem areas.
Challenges around aggregation are also big for cyber.
“Aggregation has been a challenge for the market since the beginning. But as the market has grown so quickly, it’s now receiving much more attention.
“What we’re seeing is improvements in data quality and the aggregation models continue. But with very few actual cyber events, there remains some uncertainty,” Rudow explains.
She emphasises the potential of cyber war to be a source of aggregation risk, acknowledging that it’s a hot topic in the industry. Debate is centred around how to best modernise the war exclusion to address cyber warfare, she says, adding that cyber policy always intended to exclude war, but the older war exclusions don’t address how cyber attacks should be treated in the context of war.
Rudow expects discussions on this to be ongoing as the industry works through the complexity of developing a modernised solution.
“The takeaway here is that the industry is aware of the aggregation problem and continually making strides to understand and manage the aggregation of exposure,” she says.
