The global cyber cover premium pool is expected to increase by 25% annually, reaching $US22.5 billion ($32.49 billion) by 2025, although insurance profits will continue to be difficult, according to a new S&P report.
The rating agency says the recent growth in total premiums, which stood at about $US9 billion ($12.97 billion) last year, was mainly due to inflation – not the number or size of insurance contracts.
S&P said rate changes and policy studies mean redemptions are not a threat “for cyber insurers – but generating sustainable profits from cyber will “remain difficult” and worse-than-expected results last year have led to more skepticism about underwriting large risks. for some insurers to reduce their risk of consumption.
Insurers’ caution on cyber security and tightening is “justified by the systemic risk that comes from connected digital assets and infrastructure,” S&P’s. Rocky Road to a mature cyber insurance market the report said.
The organization oversees the risk management of a large number of insurers they rate and says that the increased power of the cyber insurance market, without risk management, could damage exposure, costs and revenues.
“Cyber events can have a simultaneous impact on policyholders,” S&P said, with a recent report suggesting a major cyber event could cause damage to “a significant proportion of the growth of the overall cyber insurance market”.
S&P says a better risk-adjustment is needed to see a market rally instead of “sustainable high prices followed by the volatility required by the reluctance to take on new risk”. The need to constantly review risk exposure is a challenge for insurers, and the changing nature of contracts can “provide market stability”.
S&P predicts that cyber premium rates will change going forward due to new types of risk differentiation, emerging cyber security standards and changes in cyber security.
“This diversity has become a very important pillar in the efforts of insurers to create sustainable cyber insurance. It has also, in some cases, led to the termination of contracts when the policyholders have failed to meet security standards and thus reimburse the acceptable risk,” said the report.
Insurers have also increased retention levels to ensure that increased risk remains with policyholders, and reduced coverage for certain types of loss with sublimits, particularly related to ransomware and business interruption.
“These changes are partly due to the number of insurers whose loss ratio has increased significantly, mainly due to the large and increasing number of claims related to ransomware,” said S&P.
The number of ransomware attacks increased by 232% from 2019 to 2021 to be the main driver of loss-related threats, leading to costs related to business interruption, data recovery, IT legal costs, regulatory investigations, and fines.
“The secondary results have led to more systematic and innovative questions in the risk assessment process at the time of writing, increasing the likelihood of accepting new risks,” the report said.
Promisingly, the average salary following the ransom attack has fallen by almost a third and the unpaid interest rate was 54% in the first quarter, up from 15% two years ago.
S&P says that victims feel more empowered because of better performance because insurers often reduce cover if a potential policyholder does not have IT back-ups, endpoint detection technology, a protocol that ensures the stability of IT systems, defining cyber response, or multifactor. certainty.
Insurers are also monitoring the real-time nature of new threats and attack methods that S&P receives and says “should help better assess the risk profile of policyholders and potential customers”.
Going forward, S&P says sound policy with specific wording is essential to building a sustainable cyber insurance market, which requires a deep understanding of how recovery drives losses, model changes, effective risk management and smart underwriting.
“Insurers that thrive in the cyber market without this technology will expose themselves to increased financial and profit volatility that will force us to change our approach,” it said.
Those with a mentoring and focused approach can improve their portfolio and better prepare for the next growth opportunity, he said.