What will cyber insurance buyers face in the coming year? Here’s a snapshot of the top five trends buyers can expect, based on findings from our 2018 Marketplace Realities Report: Cyber risk.
1. Total annual cyber premiums will continue to climb as more companies seek coverage
Global premiums, which are around $2.5 billion now, will continue to rise and are expected to reach $10 billion by 2020. As newer, more powerful attacks and threats emerge, organizations that haven’t already purchased cyber insurance will likely consider doing so. For example, the WannaCry and NotPetya attacks cut across industries and regions that previously weren’t considered as having significant cyber exposure. Given the size, scale and financial and reputational impact of recent cyber incidents, expect those sitting on the sidelines to give serious consideration to purchasing cyber insurance.
2. Capacity will keep up with rising demand, helping keep rates in check
As demand for coverage increases, the “supply of capacity is more than keeping up,” the report notes, with new carriers and additional capacity entering the marketplace. Additional capacity is coming from new U.S., London, Bermuda and Asian markets, which are providing limits of up to $600 million (per risk) in some cases.
Despite a string of high profile breaches, cyber insurance program renewals for both primary and excess cover are averaging only single-digit rate increases. Experts forecast rate increases of up to 5% for 2018.
3. Carriers will scrutinize risks, rewarding those with the most robust cybersecurity programs
Underscoring the importance of a comprehensive cyber risk management program, certain carriers will lower premiums for organizations that have demonstrated increased levels of security and internal policy controls.
4. Demand for coverage will shift
While demand has largely been U.S.-driven, the evolution in cyberattack methods, combined with increasing privacy regulations in the European Union and China, means the global cyber insurance market is poised for explosive growth.
5. Coverage will expand
We continue to see coverage expand as more carriers address gaps in property, general liability and special crime coverage to include perils arising from cyber risk. Some insurers are beginning to blend cyber and property coverages. We are also seeing an expansion of cyber coverage in general. Examples include explicit grants of coverage for ransomware and social engineering and expanded cyberterrorism coverage to include nation-state attacks.
Price prediction Renewals (non-POS retail; non-large health care)
-3% to +5%
Competitive market conditions depending on industry and size of company
With the E.U. General Data Protection Regulation (GDPR) set to go into effect in May 2018, we expect cyber markets to address coverage for regulatory actions stemming from the new regulation. Amid increased consumer and industry reliance on Internet of Things (IoT) technology, we also expect increased gap exposures in technology errors and omissions and cyber coverage on new submissions.As cyber threats continue to evolve, my colleagues and I are optimistic the marketplace and risk transfer solutions, along with sophisticated analytical tools, will evolve to help organizations proactively manage this complex risk. As always, risk transfer alone is not a silver bullet. We urge organizations to build a strategic and holistic approach to managing cyber risk across people, capital and technology.
Joe DePaul is the National Cyber/E&O Practice Leader, North America, at Willis Towers Watson