As an increasing number of boards wake up to the realities of cyber risk there will be a flood of buyers keen to take up cyber insurance. That is the view of Stephen Wares, head of Marsh’s cyber practice.
Speaking exclusively to Intelligent Insurer at this year’s Airmic conference, he said that Marsh’s newly launched survey of its client base showed that 51 percent of its clients had either bought or were going to seek quotations for cyber insurance over the coming 12 months.
“That will be a massive change for Marsh. The number of clients coming into the cyber insurance market and applying for quotes has been a trickle, not a flood, so far. Now I’m anticipating a flood of cyber enquiries – it feels like this is a product that has finally come of age.”
He said that clients’ increased interest in cyber risk is being driven by three key factors. First, boardrooms are beginning to wake up to the catastrophic impact of cyber risk. In Marsh’s recent survey, clients were asked where cyber risk appeared on your risk register.
“24 percent said it was in the top 5 and 32 percent said it was in the top 10 - so that’s 56 percent saying it’s in their top 10 risks,” he said.
Marsh also asked who had ownership of the risk.
“57 percent said the IT department and only 20 percent said the board had ownership. Based on that it seems we still have a way to go to ensure that the board really take responsibility for this as a risk,” Wares added.
He said that awareness of cyber risk is also being fuelled by recent news stories about hacking, and by the launch of a cyber essentials security standard by government – Cyber Essentials, which has been endorsed by Marsh.
With the aim of delivering value as a risk advisor, Marsh has set out to help boards understand cyber risk better through its new consulting proposition, the Cyber Risk Financing Optimisation Study.
“It’s designed to deliver that unique cyber risk profile for a business so it can then make some more intelligent decisions around risk transfer but also how they direct the company’s resources to mitigate those events,” he said.
He added that Marsh’s aims for the future are to develop that proposition and to help boards understand their cyber risk profile better. This need was highlighted by the fact that 68 percent of companies surveyed had not estimated or assessed the financial impact of a cyber attack on their organisation.
“Unless you understand what your cyber exposures are and you’ve quantified those exposures then you are not going to know whether insurance is giving you good value – so really we would like to be able to plug that knowledge gap,” he said.
Airmic, Stephen Wares, Marsh, Europe