The cyber insurance market is in a state of mass disruption. The ransomware epidemic of the past 18 months has caused a major uptick in the frequency and severity of cyber insurance losses. As a result, insurance carriers are doing anything they can to mitigate their exposure and protect their balance sheets. Underwriters are placing much higher scrutiny on insureds’ cyber security controls, and many are applying onerous coverage restrictions, sublimits and/or coinsurance for ransomware.
“Obviously, you can see just how difficult it is to be a broker right now, regardless of how up-front you are with renewing cyber insurance programs, because we’re reacting to the insurance carriers who are trying to figure this all out,” said Meredith Schnur, Canada & US cyber brokerage leader at Marsh. “And that has just caused a domino effect with everybody.
“I think we’re gaining momentum, and we’re doing a lot better [at managing cyber exposure]. I’d love to say that in the near term we’re almost at the top of the mountain, but I don’t see that right now. I do think we’ll get there if we […] stay in our swimming lanes, listen to expert advice and really hunker down and concentrate on cyber hygiene. It seems like such a large and broad term, but it really isn’t when you think about the grand scheme of the cyber control environment.”
Some positive developments in the cyber risk landscape in Canada and around the world are that “more companies are fighting back,” there’s greater awareness and implementation of cyber security controls, and “operational resilience, in general, has improved,” according to Brad Gow, global cyber product leader at Sompo International.
More and more companies are deploying things like multi-factor authentication (MFA) for remote access or administrative access into corporate networks. There’s also greater and more effective use of endpoint detection and response (EDR) tools, system and organization controls (SOC), and comprehensive business continuity and disaster recovery planning.
That’s an important development as insurers are actively probing their bottom lines to figure out how to maintain profitability in the cyber line of business. Gow commented: “That’s certainly something our executive management [at Sompo] is very curious about, as are the regulators and rating agencies. Unquestionably, the ransomware attacks have impacted the profitability of the cyber line.
“Both ransomware, as well as the increase in aggregate exposure that carriers are taking on by writing more and more cyber insurance, are going to have to result in a very significant change in the way the insurance industry handles cyber exposure. I can’t tell you where it’s going to end up, but it’s not going to look like it’s looked for the past five or six years.”
Brokers are having to react to cyber insurance market changes, just as carriers are reacting from an underwriting and pricing perspective, Schnur added.
“I was in this business back in the year 2000. It was called network security back then; it wasn’t called cyber,” she reflected. “And that was when you actually went to underwrite, you actually went on site and looked at the servers. And then we pivoted to the internet, and data privacy and so on. Collecting all of that premium over a 20-year period of time and seeing how fast it has been depleted is very scary.
“And that’s why we’re trying very hard to support our carrier partners because we need a sustainable cyber insurance market. We just have to make it through this pivotal time to understand how to properly price [the risk], which I know the underwriters are still trying to figure out.
“We just need to be a little patient right now, with all of the varying degrees of pressure that organizations have on themselves. Everyone’s trying to do the right thing. Insurers, from their reinsurers and their executive leadership, are making sure they remain profitable. Security professionals are really trying to make a difference and help mitigate this loss and get ahead of it. But with everybody working together, we’ll get to a better place.”