Beyond ransomware: why ILS capacity will be important to cyber risk


Beyond ransomware: why ILS capacity will be important to cyber risk

Catherine Mulligan, global head of cyber, Aon

A recent spike in cyber attacks and, specifically, ransomware demands has made the cyber insurance market much more challenging, and reinsurance rates have spiked. The goal for this market must be the creation of long-term stable capacity, Catherine Mulligan, global head of cyber at Aon, told APCIA Today.

“That is always our goal,” she said. “While some of the recent results and loss ratios of insurers have been sobering, we can also see that insurers are applying changes, getting better rate and managing their portfolios activity,” she added.

“It will take a little time for those positive actions to filter through, but we would encourage the market to take a rational, long-term approach and focus on the future stability and capacity that clients will need. Equally, we are starting to see growing interest from alternative capacity, which is exciting.”

Mulligan, who describes cyber as being a market in which “there is never a dull moment” is well placed to say this. Her team at Aon works with clients globally to help them better understand cyber risk and manage that exposure. It has placed billions of dollars in total cyber treaty limits this year.

This means it uses a solid and reliable base of traditional reinsurance capacity. But she stresses that interest from alternative capacity is building, and Aon is nurturing it.

“This will be something the market needs as traditional capacity becomes constrained,” she said. “We have already sourced $70 million of collateralised capacity this year and we are working with Aon Securities to increase the appetite for cyber among alternative investors.

“Underpinning all of this is threat-informed analytics. We use multiple models, stress-tested with our own technographics, which will support the development of parametric triggers. 

“We work closely with clients to get a better understanding of their exposure,” she said. A clear picture of drivers of tail risk shapes how the insurance-linked securities (ILS) market could support the cyber market.

“We would encourage the market to take a rational, long-term approach.” Catherine Mulligan, Aon

Growing sophistication of hackers

The recent challenges of ransomware attacks are a problem, Mulligan admits. It is becoming a profitable venture and the sophistication of hackers is growing.

But there is also good news. Insurers are getting ahead of the game in terms of the technology they have available to better manage these exposures and help clients do the same. Equally, they are increasingly drilling down into portfolios and examining to what extent insureds are following recommendations, and sharing this information with their reinsurers.

Despite this, there has been a marked deterioration in loss ratios. This, coupled with other concerns, has led to a hardening market, she said.

“We are seeing material underlying rate increases—some are averaging 50 percent or more. Equally, insurers are more careful on how they deploy capacity. We are seeing line sizes being reduced and a lot more caution on how capacity is deployed,” she explained.

This discipline is being seen across the market. Mulligan notes that Lloyd’s has said capacity will be allocated to cyber underwriters based on performance. Equally, cedants are becoming more nuanced in how they structure their reinsurance programmes.

“We have already sourced $70 million of collateralised capacity this year.”

“They want understand the dynamics of the purchase, factors such as earnings volatility. They need credible scenarios with sensitivity testing so they can set their risk tolerance and understand their tail exposure. The models have come a long way,” she said.

That said, building client confidence in cyber modelling remains important to Aon. Its dedicated cyber analytics team works with multiple models combining this with real-life cybersecurity insights. The aim is to offer tangible insights.

“We want our clients to take from what we do something they can go back and present to their boards,” Mulligan noted.

Aon’s cyber brokers are dedicated to the space—specialists rather than generalists. They work closely with reinsurers to understand their concerns, always seeking the middle ground.

“We want to create programmes that are pragmatic, constructive and competitive,” she said.

She concluded by noting that while risk transfer can do a lot, the role of government will remain important in how cyber risk is managed and transferred globally, saying that a US taskforce has been created to look at ransomware and the threat to critical infrastructure. “Ultimately, international cooperation will be needed. A good partnership between the public and private sector will be essential in tackling this,” she said.


Catherine Mulligan is global head of cyber at Aon. She can be contacted at:

APCIA 2021, Aon, Technology, Cyber Risk, Ransomware, Insurance, Reinsurance, Catherine Mulligan, North America

Intelligent Insurer