The cyber liability reinsurance market remains restricted, but more capacity is expected to enter the sector, albeit slowly and cautiously, from both traditional reinsurers and third-party capital sources.
Cybersecurity risk management measures encouraged by insurers are leading to improved results for cedents, making the risks more attractive to reinsurers, observers say.
While insurance policyholders continue to face higher cyber rates and tougher terms and conditions, measures such as multifactor authentication and offline backups are beginning to result in better loss ratios.
According to Moody’s Investor Service, the sector’s loss ratio improved to 62% in 2021 from 65% in 2020.
Ransomware losses have been a major factor behind the reduction in capacity.
“The (reinsurance) supply was meeting the demand until two years ago, and ransomware just turned the taps off of the supply, so … we ran out of gas pretty quickly,” said Patrick Bousfield, a senior broker with Lockton Re (Bermuda) Ltd., a unit of Lockton Cos. LLC.
Tom Gamble, New York-based executive vice president and global head of distribution for program manager Resilience Insurance Cyber Solutions, said that while the company’s treaty was renewed this year “it was not without a lot of work and a lot more questions than, I think, in my 30 years I’ve ever gone through on reinsurance renewals.”
Michael Dion, Moody’s vice president and senior analyst, said the cyber reinsurance market is in transition, with rates rising for insurance and reinsurance but losses leveling off as a direct result of the success the industry has had in implementing risk management measures.
“The insurance market has largely driven this change” of policyholders improving their cyber security practices, which has led to a decrease in ransomware loss frequency, said D.J. Ruhlman, New York-based vice president for RT ProExec, a division of R-T Specialty LLC.
Experts say concerns around systemic risk, ransomware, lack of loss data, the complexity of modeling cyber risks, pricing and profitability, are among the factors that had been fueling hesitancy about involvement in the cyber reinsurance market.
The cyber reinsurance market will likely see more traditional and nontraditional entrants, including third-party capital providers, said Ian Newman, London-based global head of cyber for Gallagher Re, the reinsurance brokerage unit of Arthur J. Gallagher & Co.
“We will certainly need, at some point, more capacity,” said Michael Hauner, Munich-based senior underwriter in Munich Reinsurance Co.’s cyber center of excellence. “We will need to tap into the capital markets at some point in time over the next two or three years.”
The cyber reinsurance market “would benefit from the evolution of a more comprehensive ILS market,” which may also be supported by government risk pools, said Manuel Adam, Frankfurt, Germany-based associate director, EMEA Financial Services, for Standard & Poor’s Corp.
Recent moves to a claims-made structure for cyber insurance contracts, which has shortened the exposure tail, may make the reinsurance market more attractive for ILS providers, he said.
Kate Nattrass, London-based partner, treaty reinsurance, for McGill & Partners Ltd., said demand, especially for proportional reinsurance, is still greater than the supply. “But where there’s demand, there’s opportunity for new products to evolve,” she said.
Erica Davis, managing director, global co-head of cyber, for reinsurance brokerage Guy Carpenter & Co. LLC, said, “We are doing a lot of work with reinsurers” to help them grow their cyber business as well as sourcing new capacity with cyber reinsurer entrants.
Ms. Davis said Guy Carpenter is working to educate the new entrants on the risk, the improving state of the market, and why headline events alone are not enough to inform appetites to cyber risk.
“Guy Carpenter is also working with new capital sources because we feel this risk is expanding so dramatically that traditional capacity won’t be sufficient” to keep pace with the market’s growth, she said
Phil Edmundson, founder and CEO of Boston-based Corvus Insurance Holdings Inc., an insurtech managing general underwriter, said there is so much potential for growth that “it’s just too good a market opportunity to miss out on.”