Skip to main content
Survey Report

Insurance Marketplace Realities 2020 - Cyber Risk

Cyber Risk Management
N/A

November 13, 2019

With ransomware incidents increasing dramatically across all industries in frequency and magnitude, including some high-profile breaches, we are starting to see an uptick in premiums and a cautious deployment of capacity across the global marketplace.

Key takeaway

With ransomware incidents increasing dramatically across all industries in frequency and magnitude, including some high-profile breaches, we are starting to see an uptick in premiums and a cautious deployment of capacity across the global marketplace.

Rate predictions
  Trend Range
Cyber Flat to increase Flat to +10%
Primary and excess cyber renewals are now averaging premium increases in the 5% to 10% range, though flat renewals should be possible for some buyers.
  • Increases have largely been driven by the explosion of ransomware losses during the second half of 2019, when the average loss jumped from $500,000 to well over $1,000,000.
  • Carriers have been reevaluating their positions in large towers and looking more closely at rates in perceived burn layers.
  • In excess layers, carrier focus revolves around obtaining adequate premium for perceived risk. There is no longer competition to participate in excess towers, especially if pricing is considered too thin.
Cyber capacity is starting to tighten, as insured losses continue to rise.
  • The cost of data breaches continues to increase year by year, with reputational and regulatory costs the main drivers.
  • According to the 2019 Cyber Risk Outlook, prepared by the University of Cambridge, incident response costs are also driving the increase in the cost of data breaches. As the cyber threat landscape becomes more complex and demand for cyber security resources increases, so do the costs in remediating data breaches, particularly for large-scale events.
  • The human element continues to be the leading cause of cyber loss.
  • Recent high-profile breaches highlight the need for companies going through a merger or acquisition to engage their IT staff early in the process to evaluate cyber breach risks. The potential harm, both from a reputational and financial perspective, could have a significant impact on the business to the point of undermining the potential value of the merger/acquisition.
  • Certain carriers are adjusting their ransomware coverage appetites and considering sublimits and co-insurance alternatives.
Coverage continues to evolve and expand to cover regulatory risk, reputational damage, forensic accounting and gap exposures.
  • The E.U. General Data Protection Regulation (GDPR) went into effect in May 2018, and the California Consumer Privacy Act will go into effect in 2020. We have seen cyber markets more affirmatively address coverage for claims stemming from the GDPR and for claims anticipated under the California Consumer Privacy Act. Markets are also offering expanded wrongful collection and compliance coverage in response to these regulations.
  • Other coverage expansions include forensic accounting coverage, reputational damage coverage and reinstatement of limits provisions in certain industries.
  • Business interruption/system failure continues to be an area of concern for underwriters. Heavily exposed industry classes, such as aviation, manufacturing and transportation, have seen increased underwriting scrutiny. While coverage remains available, some industries will experience significant premium increases.
  • Despite concern over system failure losses, some cyber carriers are now beginning to offer business interruption/system failure coverage for outsourced providers that fall under critical infrastructure (cable, Internet, utilities) — previously a non-starter for carriers. They are providing solutions, in the form of small sub-limits, to help address these exposures. Whether these sublimits will be followed throughout excess towers remains to be seen.
  • Cyber underwriters are working more closely than ever with their counterparts in other lines. Cyber and property underwriters in particular are combining forces as carriers continue to expand their coverage offerings in business interruption. Given the experience and understanding of how business interruption losses play out, it is a natural pairing that should help cyber underwriters understand what they face in claim scenarios. Notwithstanding this cooperation, we are seeing carriers withdraw or limit cyber coverage in non-cyber insurance lines due to concern about aggregation.
Contact Us
Related content tags, list of links Survey Report Cyber Risk Management Insurance United States