• Support
  • Log In
  • Sign Up
ANZIIF Logo
Go back
Professional Development

Need help with professional development?

Contact Support

View by Kind
Go back
View by Kind
Short Courses Qualifications Skills Units Compliance Webinars Events Articles Videos Activities Whitepapers Ask an Expert
View by Sector
Go back
View by Sector
Claims General Insurance Insurance Broking Reinsurance Risk Management Life and Retirement Income
All Professional Development The Journal Recognition of Prior Learning Your Career in Insurance
Studying with ANZIIF
Go back
Studying with ANZIIF Enrol Academic Calendar Assessments FNS20 Training Package Student Support
For Companies
Go back
For Companies Train your staff Life Insurance Professional Standards General Insurance Claims Handling Framework Reference books Government Training Incentives
Go back
Membership

Need help with your membership?

Contact Support

Member Tools
Go back
Member Tools
Login Become a member Renew or Reinstate your membership
Members Centre - Professional Development
About membership
Go back
About membership
Your Membership Guide Member Levels Benefits Certified Insurance Professionals Digital Badge Member Directory
Scholarships and Awards
Go back
Scholarships and Awards
Australian Industry Awards New Zealand Industry Awards Academic Awards Lloyds Scholarship Turks Bright Light Award ICNZ and ANZIIF Scholarship
Go back
About ANZIIF

ANZIIF is the leading membership, training and professional development organisation for the insurance and finance industry in the Asia-Pacific region. We partner with a broad range of organisations and government to provide services that support professional excellence. We help enhance standards and improve community understanding of insurance and finance.

Overview
Go back
Overview History Boards and Councils Annual Reports Media Governance Corporate Sponsorship Partners Careers at ANZIIF Contact
Community Initiatives
Go back
Community Initiatives
Your Career in Insurance Careers in Insurance Corporate Supporter Making a Difference Awards Donna Walker Awards Life Insurance Professional Standards General Insurance Claims Handling Framework Generation i
ANZIIF Logo
Professional Development The Journal
Journal
0.25CIP Points

Strengthening cyber reinsurance

Susan Muldowney
26 May 2022 - Reading time 3 minutes
General Insurance Reinsurance Risk Management
Cyber Market 1920x1080

Vol: 45 Issue: 1 | March 2022

In March 2021, US insurance giant CNA Financial fell victim to a ransomware attack after hackers breached an employee’s workstation using a fake browser update. The attackers spent two weeks exploring CNA’s IT environment undetected. They disabled monitoring and security tools, destroyed company back-up files and copied sensitive data before deploying ransomware that prompted CNA to disconnect systems globally to contain the crisis. Bloomberg reports the insurer paid a US$40 million ransom to regain control of its network.

CNA Financial, which provides cyber insurance, has firsthand experience of the growing threat of cybercrime and the risks it presents to the insurance industry. Among the challenges, however, is limited reinsurance capacity to support cyber insurance growth.

The role of cyber reinsurance

Data from cybercrime researcher and publisher Cybersecurity Ventures estimates global cybercrime costs will reach US$10.5 trillion a year by 2025, up from US$3 trillion in 2015. 

The costs include damage and destruction of data, stolen money, lost productivity, theft of personal and financial data, fraud, forensic investigation and reputational harm.

Insurers are also grappling with the emergence of ‘silent cyber’ risks, which refer to potential cyber-related losses stemming from traditional property and liability policies. 

In 2021, cyber insurers increased pricing and improved underwriting controls across the market. Data from Marsh’s latest Global Insurance Market Index shows cyber pricing increased 96 per cent in the third quarter — a 40 per cent increase over the second quarter and the largest lift since 2015. 

Michael Parrant, client director and cyber insurance practice leader at Aon, says the cyber market has ‘moved sharply’ to address the threat of ransomware attacks. 

‘Controls that are aligned with reducing this threat are now considered essential,’ he says. ‘The market no longer provides leeway for organisations to have a plan on implementing certain controls. Now the market will only consider providing quotations when certain controls are fully implemented and tested. 

‘The speed of the change has caught us all by surprise, and the trend of improving controls will continue throughout 2022 and into the future.’

Is cyber reinsurance changing the industry?

The question, however, is whether these changes will increase the appetite for cyber risk among reinsurers. 

Nick Sordon, head of casualty underwriting — Australia and New Zealand — at Swiss Re, says reinsurers are already helping insurers to limit their losses from cyber claims.

‘Reinsurers currently do heavily support the [cyber] market with risk capacity, perhaps more so than in many other lines of business,’ he says. ‘We estimate roughly 40 per cent of the market premium to be ceded to the reinsurance market.’

Sordon estimates the global cyber insurance market for 2021 amounted to approximately US$8 billion and says Swiss Re expects it to increase at a compound annual growth rate of between 20–30 per cent.

‘This is not just in terms of premiums, but also exposure,’ he says. ‘Coupled with the growing catastrophe risk, capacity needs for cyber insurance will therefore increase at a rapid pace.’

However, given the volatility of cyber risks, reinsurers are applying a stronger risk management approach in the market. 

‘Despite the efforts of the cybersecurity industry — and, more recently, the growing involvement of governmental bodies — to curb these attacks, there is no apparent end in sight,’ says Scott Hawkins, managing director, Munich Re, Australasia.

‘Furthermore, cyber is a systemic line of business with the potential for significant aggregation of losses. While a catastrophic event is yet to materialise, the potential for such losses clearly exists and insurers need to reconcile short-term profitability with long-term sustainability.’

Risk ratios on the rise

According to the National Association of Insurance Commissioners’ 2020 report into cyber risk in the United States, the top 20 groups in the cyber insurance market reported direct loss ratios in the range of 24.6–114.1 per cent. In comparison, the normal loss ratios for auto and property insurance lines are 40–60 per cent.

‘Typically, and this varies across jurisdiction and insurer, a loss ratio of 70 per cent is bordering on unprofitable for the carrier,’ says Aon’s Michael Parrant. 

‘Such loss ratios of an individual or group of insurers will almost certainly impact reinsurers’ pricing and availability of capacity and, in turn, cause reinsurers to consider coverage, terms and conditions offered to insurers. This will have a direct impact on the terms and conditions that insurers can offer to direct insureds.’

The evolving cyber insurance risks

A 2021 cyber market report from S&P Global Ratings shows reinsurers’ underwriting and modelling expertise could help to build up the market.

Parrant says reinsurers play a key role in bringing data and global understanding to local cyber markets.

‘This enables insurers to determine what risks are able to remain within existing property and casualty portfolios, as well as silent cyber considerations, what costs need to be factored in to limit a social inflation factor, and the risks that need to be removed and insured into the cyber market as direct risks,’ he says.

Sordon says the insurance industry is still building knowledge of evolving cyber risk. 
‘Some of the larger scenarios are too big to be borne by the private insurance industry alone,’ he says. ‘It is the right time now to discuss and design specific pools and government-backed solutions to allow for insurers to pay claims sustainably and innovate in this mercurial risk class.’

Sordon says Swiss Re is working with universities and regulators to create the right ‘boundary conditions’ for a sustainable cyber insurance market.

‘We support our clients in the development of cyber insurance products for small and medium-sized companies that require end-to-end cyber solutions to protect their business,’ he says. ‘Similarly, we support our clients in the personal-lines segment by providing a product development toolkit to address key elements across the entire value chain. 

‘We do this by providing access to our global expertise and saving our clients time and resources by absorbing the initial cyber insurance product development effort, while sharing the risk.’

Opportunities for growth

Despite the challenges, reinsurers say there are opportunities for growth in cyber risk appetite. Parrant says market development requires a collaborative approach.

‘Reinsurers, and the overall market, continue to grapple with significantly large risks within a growing but modest common pool,’ he says.

‘Regionally, there is capital and expertise throughout every level of the market. Those trying to draw equilibrium between client, insurer and reinsurer needs, and allowing access to the upside of sharing cyber risk and not just the downside, are perceived as more likely to succeed longer term.’

Sordon adds that further capacity may be found in capital markets. ‘Cyber risk capacity is tightening while demand is still growing,’ he says. ‘Access to risk capacity from capital markets and / or government-backed schemes for the worst accumulation scenarios are options that should be explored. In order not to exhaust available capacity altogether, new capacity needs to be generated.’

Read this article and all the other articles from the latest issue of the Journal e-magazine here

This is Worth

0.25 CIP Points

Login to Collect Points & Comment
What are CIP Points? About ANZIIF Membership
Your comment has been successfully posted

Comments

Loading comments

Remove Comment

Are you sure you want to delete your comment?
This cannot be undone.

kitchen sink logo
  • About
  • Professional Development
  • Membership
  • Compliance
  • Contact Us
  • Enrol
  • Become a Member
  • Login
  • Privacy Statement
  • Terms & Conditions

© Copyright The Australian and New Zealand Institute of Insurance and Finance Inc. 2021

RTO NO. 3596