What is happening with cyber insurance rates?

Jane: [00:00:22] Hello everyone and welcome to the latest edition of Insurance Business TV. Jen Frost, News Editor, Insurance Business. Today we’ll be looking at the cyber market with Steve Robinson, global leader of the cyber practice at Risk Placement Services. RPS this year was named a five star internet insurance company by the insurance industry and Steve will be sharing his knowledge of the online market through 2022 and beyond. So this should be a big part today. Steve, welcome to the show.

Steve: [00:00:54] Oh, thanks for having me, Jen. It’s good to be here.

Jane: [00:00:56] It’s a pleasure to have you with us today. How many ransomware attacks have occurred in the past 12 to 18 months?

Steve: [00:01:04] It’s an interesting question and one that I’d say has gotten a lot of attention over the past six months. 18 months ago, we were in a period of very high frequency, very dangerous ransomware where it was not uncommon to receive 11a notification a day or more at times. Recently, we’ve seen a drop in frequency, especially, as I said, in the last six months. Some of the things we see are scary. Acting groups are often small, sometimes very inexperienced. They are using ransomware as a service model, often. So it’s not unusual to see these groups with little experience, who are just pulling this type of service from the internet, and doing it. And this can have problems when trying to recover data. Vulnerable players can do this. And we’re also seeing smaller demand than what we saw a lot in 20 and 21. So all of that, I think, is encouraging. It is not known how permanent this is. But this has been happening recently.

Jane: [00:02:14] The number of ransomware attacks is expected to fall in early 2022. Why would this be? And is this an ongoing phenomenon?

Steve: [00:02:23] Right. I think the answer to that is, there are a lot of different kinds of responses that are coming together at the same time that are creating what we’re seeing in terms of lower rates. First of all, I think there has been a lot of awareness through voice channels in the government that focuses on this type of thing. I think the last big event that happened was last summer in the Colonial Pipeline from everything I understand, the attackers didn’t mean to get the attention they did. And I think we’re a little over their heads when it comes to that. And so I think that more scrutiny and more scrutiny from the federal government is really doing that. Also, I don’t want to underestimate the cost that I believe insurance companies have been incurring to qualify for cybersecurity insurance in the first place. So if you beat the clock a few years ago, you know, insurers weren’t asking a lot of questions. They were willing to put in a lot of effort. And so, we had, I think, most of the insurance limits that were out there with full disclosure that were well written. What we have now are things like MFA and some of the best defenses against ransomware attacks. It is not an abbreviation that is unknown to everyone, as it was a few years ago. It is becoming more and more common. Features such as end-to-end detection and real-time secure response, split systems and backups have been widely implemented. So I think the insurance community has played a big role in that and I think small businesses and medium businesses have done very well. All of these things are contributing and maybe we’ll talk a little bit about the war in Ukraine and what has or hasn’t happened. But I think it definitely has a role. Will it continue? That’s the million dollar question, isn’t it? My personal belief is that as long as this is unknown and profitable, it will continue. So I don’t see it going away anytime soon. I think it’s just changing things. The goals are sometimes falling short. They are trying to stay under the radar with minimal demands. So all of these things, I think, together are contributing to what we’re seeing in the reduction or in the near future.

Jane: [00:04:42] Prices appear to have started to drop for some insurance policies in the first quarter of this year. Does this signal a cyber revolution, and could we be looking at a softening market?

Steve: [00:04:52] I would hesitate to call it a soft market at this point. I think it’s a little late for that. Instead, what we’re seeing is less volatility. And when it comes to increases often, I think it would have been unsustainable if the increases that we saw last year in 2021 continued at the rate that continued because as we know, we see them regularly over 100. % price increases. I think it was necessary to fix the market. I think what we’re still seeing is not just prices but underwriting and proper management in the market. It is a serious drug. So in the most recent revision, the latest cycle, we’re still seeing an increase. The increase in double digits is very unusual to see them start from the bottom around 20 to 25% and sometimes they go up to six percent increase depending on the market, but not the way we were and not the mature culture that we were seeing at this time last year. So I see it as an encouragement and a sign of a growing market. It’s interesting when I talk to the agents and they ask me for specifics and I said, well, what’s interesting is the risks we’re used to keeping wind, water, fire, theft. These are things that have been going on for hundreds of years. Right. And we have data that we can extract and create documents and build actuarial tables in cyber, unlike them, it changes every day. The risk itself and how it changes every day, every week, every month. And so, it’s a very powerful story that has to go along with it and the changes in the script.

Jane: [00:06:38] Thank you, Steve. Can you talk about how the July refreshes went? Have there been any problems in the market?

Steve: [00:06:46] Yes. Market problems, I would say, of course. Well, we’ve run into some problems. As we know in the last year. Some players come out and it can be very difficult to build big towers because of some risks that we take care of. I would say that one of the biggest challenges is just entering information. So you have a combination of many things that are required from underwriters. You have a group of brokerages that still have a lot of people according to the old requirements. Right. And so you get a big increase in the amount of knowledge that is needed, the amount of back and forth and insurance is true, staff know that it is difficult to find good talent like that. We’ve seen a lot of turmoil in the publishing and marketing community. It got really bad. In fact, fortunately, RPS has experienced this at almost the same level as many others. It got so bad that we started a campaign on LinkedIn that said, I’ll stay. And we also highlighted that our long-standing employees have chosen to continue their work at RPS. But that creates confusion in the market when it comes to action. Having the depth and breadth of knowledge we need from a grassroots perspective, and that can translate up to the insured.

Jane: [00:08:09] Do you have top marketing tips for helping customers deal with cyber threats?

Steve: [00:08:14] Oh, sure. I would say now that we are past seven, to use it as an opportunity to rest a little and start preparing for the coming year, 11 months, to be exact. With your customers, look at their cyber use, ransomware, additional software you receive in the latest update and deal with insurance and talk about where you see weaknesses. This doesn’t mean you have to be an expert. You can partner with a company like RPS that has these types of experts on the writing side. But mostly anywhere you see feedback on apps that aren’t good. Talk to your customers and discuss a plan to deal with these types of issues. I know that they will obviously involve a commitment of resources, investment and staff to change those things. But they really need to change. It’s in everyone’s best interests. It is in the customer’s best interest to prevent these claims from happening in the future. And just make them an uninsured customer. And the more options they have, the better chance they have of having better terms and conditions and prices and things like that for the next renovation. So it would be one thing to participate in the discussion now as opposed to a month before it starts again. Oh my gos, you need an MFA, you don’t have one. And they think, I can’t afford this. I haven’t had enough time to think. We know now we have had a good year behind us for these insurance needs. Let’s take a deeper approach with our customers and have a conversation to see how we can improve in the coming year. And I think it also gives sponsors an opportunity to add value to conversations like this, not, here’s your job, write, let me see what I can find. So if it was that it would definitely be one thing. And I can say it again. Again working with someone who really gets it. What we’re witnessing is that many insurers are putting new restrictions in the rules that have to deal with the things that they have to deal with, things like systemic risk, things like high vulnerability that a potential insurance agent might not. have any knowledge of. And so if you are working in this language from several different carriers every day, that may be in contact with your agency if so. So I would just repeat, strengthen the partnership with special partners who do this every day, and this will help to create great value for your customers.

Jane: [00:10:42] Well, that seems like a good point to end today, Steve. Thank you very much for joining us. It’s been great having you on the show.

Steve: [00:10:51] With pleasure. Thank you.

Jane: [00:10:53] Thank you, Steve. Thank you. And to you, the viewers, we couldn’t do it without you. Don’t forget to check out more of our podcasts, videos and Daily News at www.insurancebusinessmag.com/US. I’m Jen Frost, News Editor, Insurance Business.