Monday, January 23

Prime cyber insurance for growth by optimising caps, capacity and capital | Insurance Blog


To develop the next generation of e-insurance – as a widely available and affordable mass-market product – carriers will need to solve long-standing structural issues first. We have identified three levers to achieve this:

  1. reduce of Individual Risks by Strengthening Cyber ​​Security
  2. The appropriate size Exposure, especially to cyber disasters
  3. sought Access to capital for electronic underwriters

We’ve covered the first of them – mitigating risks by strengthening cybersecurity – previously. Today we move from individual risk to portfolio risk, and explore the other two leverages: equity exposure and the expansion of underwriting capital.

At the moment, the Internet can take a very large toll, both through corrupt borders and catastrophic events that surround several policyholders at once. But if they can reduce losses and improve overall capacity – reducing exposure, so to speak – insurers can weaken this dynamic. This, in turn, will expand access to the capital the line needs and permanently lower market prices.

Covering claim costs through critical incident response

Decisive early action as cyber disasters unfold – just as with natural disasters – can help limit significant individual losses. So how do insurance companies facilitate this?

First and foremost, with effective payment, funds can be immediately put to work on containment. Some creators like it Parametrics And the Qumplx Even bringing the parametric model online, completely avoiding the claims/modification process to provide liquidity “bridges” long before traditional operations are completed.

Furthermore, insurers (and brokers) should incorporate customized accident response services into their offerings – giving customers access to expert advice as soon as an incident is discovered.

Since many customers already pay for accident response independently of any insurance, there is an alternative model that insurance companies might consider.

Instead of entering security offers into insurance policies, they can instead direct the insurance to the security offer. As discussed earlier, cybersecurity and cybersecurity can be cost-effectively integrated within a managed security layer – and the Management of Discovery and Response (MDR), or Security Operations Center as a Service (SOCaaS), would be a natural extension of that and create more synergies.

Click/tap to view larger image.

In 2022, the global SOCaaS market is worth about $450 million, but will approach $700 million by 2025, driven by demand for specialized services in cyber forensics, regulatory compliance, and crisis communications.

Appropriate cyber exposure through intelligent capacity assignments

We welcome any initiative to reduce cyber claims. However, large individual losses are not the only disturbing dynamics at play.

Earlier, we described the Internet as an “unnatural disaster” – capable of causing the same devastation in an insurance company’s book as a hurricane or earthquake but seemingly less direct in terms of diversification.

However, it is easy to overestimate the problem of diversification in the Internet.

A useful touchstone has been found in recent discussions about the possibility of pandemic insurance. With Covid-19, governments have shown their power in shutting down entire sectors and markets overnight – potentially leading to business interruption (BI) claims from every policyholder in the book. If Covid-19 is the limited case of diversification, where is the internet in comparison? Somehow short for sure.

In fact, while cyber risks may not share the seasonal rhythms of NatCat, that does not mean that there are no rhythms with which carriers can adapt to balance their portfolios.

To begin with, cybercrime is really its own economy, with hackers opportunistically pivoting between multiple methods of attack – meaning not all cyber categories are necessarily related. A few years ago, the preferred cyber attack was a data breach, but the breaches have since declined in the face of the vast ransomware bubble. Now, in another development, we see cases of “double extortion” combining ransomware and leaks.

Long-term data on the mechanics of the “cyber economy” is still limited – and making this useful for insurance is an additional bridge thus far. However, it is sure to benefit insurers in breaking the internet into its component risks – each as different from the next as floods, earthquakes, and wildfires within NatCat. Each one brings a different loss profile, with implications for pricing, diversification, exclusions and sub-limits.

Actuarial vs Hacktuary: Facing the Ransomware Challenge

Ransomware is often discussed in the context of exceptions and sub-limits. In contrast to the case of a data breach: here the loss is proportional to the size of the breach (such as the number of affected customers), which means that safe limits can be set based on the maximum size of the breach. Meanwhile, the electronic ransom can be arbitrarily high. So, safe limits on policies that are set up to cover data breaches are quickly bypassed by ransomware – if ransomware is added to the policy without further thought.

Obviously, policies can be adapted to ransomware – with higher premiums and more capital. However, the cap is really expensive and the capital is already restricted. With such limitations on the risks the industry can take, a slight decrease in exposure to ransomware is likely to go a long way toward expanding other types of coverage and customer size as the industry strives for stable returns.

Another challenge is the hackers’ scope for smarter pricing, as “hackers” are looking for the right place to put the ransom. Especially as coverage of ransomware becomes more widespread, average ransom demands may creep towards the borders, entailing higher premiums and higher limits – a vicious cycle that only serves to finance the hackers.

In response, some insurance companies have gone even further Suspend ransom payments. However, any motivation to rule out ransomware entirely is likely to meet resistance from policyholders: in a recent survey of underwriting underwriters and online brokers, “cyber extortion/ransom” coverage saw the greatest appetite for higher limits and least appetite for limit limit.

Click/tap to view larger image.

Unpick cyber aggregates with AI-based portfolio analysis

In the end, there are no quick solutions to the problem of electronic diversification. Even if you can play with the balance of the online classes you own, the stakes within each class will still be closely related.

For example, successful ransomware attacks are almost always likely to reach a high percentage of insurance policyholders due to the ease with which hackers can copy and paste the same attack template. However, over time, the recurrence of attacks can decline as companies’ operating and security environments become increasingly customized — meaning that risks within the same category, such as ransomware, will eventually die.

Much of this is my guess, so significant portfolio analysis – potentially AI-driven – would be required to understand where pools are occurring and what factors are really beneficial for better diversification. Currently, about three-quarters of electronic underwriting guarantors actively manage cyber-assemblies:

Click/tap to view larger image.

Time will bring greater adoption and complexity to portfolio analysis – as well as greater integration into risk selection and pricing. In this way, insurers can improve capacity allocation and reduce the cost of capital and with it lower prices for end customers.

We started this series by noticing that electronic insurance as we know it is broken – with prices rising to the throttling range and improvements in the line. The portfolio-level interventions described here—separating individual cyber risks as well as data-driven approaches to diversification—will do much to “unscrew” the line, especially if combined with enhanced cybersecurity to mitigate individual risks. This brings us to the final piece of the puzzle: capital raising.

If you build it, the underwriting capital will come

At the heart of the challenging cyber market, there is a dearth of capital to write cyber risk – an eventual limit to market growth. So, how will this be resolved?

The bad news is that there is no quick fix for increasing capacity: As long as cyber risk is viewed as a speculative investment, insurance companies will struggle to grow their capital base. As with any prospect, the sector has to prove that it is truly investment grade; Only then will venture capital providers move the internet to the bread and butter portion of their portfolios, with the largest and most regular allocations they bring.

The good news is that the Internet will not remain a speculative investment indefinitely.

Everything we’ve discussed in this series — cybersecurity best practices, rapid incident response, catastrophic exposure limits, and pool management — brings us closer to a product that can deliver stable returns at scale. As with the jigsaw, solve the remaining slots and the last piece by itself; Reform the electronic subscription and the capital will flow duly.

Capital will come from many directions. Insurers (re) the current Internet, which “hacked” the line, will write more works. Likewise, the airlines currently waiting on the wings — those with a limited appetite for speculation, we might say — would feel better able to debut.

Given the potentially huge amount of cyber risk waiting to be written, it is likely that alternative capital will play a role in meeting future demand. Transactions involving insurance-linked securities (ILS) have so far been rare on the Internet, largely reflecting the speculative nature of the risk. However, there are a lot of things that recommend cyber risks to outside investors in the long run:

  • Due to the low interest rates, the internet offers a return – separate from the broader money markets and existing Cat investments too
  • While traditional Cat risk can lock up an investor’s capital over many years as claims develop, the Internet is short-tailed – allowing investors to get in and out with relative ease.

Today’s challenging market returns will continue to spur financial innovation. In the coming years we may see Cyber ​​Cat Bonds – assuming the market can develop acceptable ways to value them. Meanwhile, sidecar-like structures are already being trialled by a handful of major carriers.

In the short term, carriers should take a pragmatic approach to scaling up the line. It’s not just about milking today’s tough conditions; And it’s not about giving up on solving all the world’s Internet problems. By pulling the levers discussed here, insurers can build an efficient electronic marketplace from the ground up: increase the number of customers with some cyber protection, expand branch lines and, eventually, gain access to a suite of mass market products.

We hope you enjoyed this series – for more info, Download our online insurance report. To further discuss any of the ideas we’ve covered, please get in touch with us.

Get the latest insurance industry insights, news and research straight to your inbox.

Disclaimer: This content is provided for general information purposes and is not intended to be used in place of consulting with our professional advisors.


Leave a Reply

Your email address will not be published. Required fields are marked *