Cyber rate gains may temper at edges from Q3; security craze rolls on

Cyber insurance rates may succumb to “some flattening of pricing” in the second half of 2022, but with greater selection amongst insurers leading to notable diversification in pricing for insureds, analysts at  Marsh have indicated.

“Given that buyers have seen significant pricing increases for the 12-month cycle up to the second quarter of 2022, some flattening of pricing is expected in the third quarter of 2022,”  Marsh analysts wrote.

“We expect to see underwriters continue to use data and target industries that align to their appetites,” they add. “This will likely lead to greater diversification of pricing by industry vertical and between insurers.” Further rate gains follow “swift” pricing increases in H2 2021 as the industry digested its view to systemic risks.

A lot of the work thus gets done in baby steps on capped exposures with no small amount of haggling over coverage exclusions while the industry focuses and builds up its talent on the prevention side.

“Underwriters are expected to continue operating with limited capacity through 2022,” meaning capacity deployment holding in the $2.5 million to $10 million range with upside from “several new entrants,” analysts wrote. “We expect limits to remain at a maximum of around US$400 million, although additional domestic insurers should lead to US-domiciled companies seeing close to US$600 million in limits.”

The Russian invasion of Ukraine added fuel to an already hot-burning debate over exclusions, war exclusions now perhaps first amongst them. “War exclusions in cyber policies were already heavily debated, with the London Market Association publishing their model exclusions in December 2021,” authors wrote. New focus on those threats could make the matter “contentious throughout 2022.”

But exclusions may need to venture into other uncharted territories. The industry has yet to tackle cyber catastrophe events such as with cloud providers, common vulnerabilities and exposures, operating systems, infrastructure, and more, all said to be “the next big topics.”

Those exclusions have been and will be the talk. Current progress is prevention-focused, Marsh authors remind. The industry will continue to bulk up on technical cybersecurity specialists and engaging in outside-in threat scanning.

Did you get value from this story? Sign up to our free daily newsletters and get stories like this sent straight to your inbox.