These two words encapsulate the cyber insurance market for Nadia Hoyte (pictured), cyber national practice leader at USI Insurance Services.
The segment has been characterized by huge rate increases, coverage restrictions, and a rapidly evolving risk landscape during a hard market cycle in the past few years.
But even as prices have stabilized, old risks are cropping up in new ways, making cyber insurance an unpredictable and exciting field to work in.
“You would think that ransomware activity has completely gone. But that's not what we've seen in terms of the trends,” Hoyte said. “There’s ransomware activity, but it's not at the frequency or the severity levels we've experienced in the past two years. It’s constantly evolving.”
Hoyte, a speaker at the highly anticipated Women in Insurance New York summit this month, spoke to Insurance Business about her outlook on cyber insurance for the rest of 2023 and beyond.
She named three cyber insurance trends brokers and insureds should know about:
State and federal regulations and class-action lawsuits on data privacy are becoming increasingly complex, driving up cyber insurance claims. Hoyte predicted a “shakeout” around this trend as large jury awards or settlements overtake carriers.
“We have definitely seen different regulatory bodies tackle everything from cookies to pixels and images,” she said. “The rise in complexity of privacy regulations is certainly something that we're going to see more of, and it's a trend to watch.”
The complexities are heightened for businesses that play on the global stage. Companies that also operate outside the US must deal with an influx of regulatory rulings.
The MOVEIt hack has also drawn attention to exposures from third-party vendors. Cyber security measures will focus on strengthening companies’ systems against these vulnerabilities.
“That’s certainly something that we're going to continue to see, especially for a lot of our mid-market clients. Insurers have been very concerned about ‘cyber hurricanes,’ or one event that trickles and creates havoc down the path,” Hoyte said.
“We've seen it happen in real time, more often than not when a single vendor has an event, and that event trickles down to their customers, and their customers’ customers.”
Finally, the growing adoption of AI has sharpened the focus on data ownership and privacy. Hoyte said she expects more regulatory actions around the use of AI, especially in the US.
“We’ve been using AI for years, but we're at a point where AI has really graduated to the levels of the ‘Terminator,’” she said. “In the United States, it's been left unchecked. It hasn't been given the level of attention that we've seen in the EU and in China. I do think the US is going to catch up very quickly.”
Hoyte has over than two decades’ experience in the insurance industry, spending around 15 years specializing in cyber and professional liability exposures.
Having started on the “ground floor,” Hoyte witnessed the early evolution of cyber insurance, and has seen how far the conversations between brokers, underwriters, and insureds have come in those years.
Despite the market’s many ups and downs, Hoyte is passionate about the innovation in cyber.
“It’s a repository for my endless curiosity,” she told Insurance Business. “I've been a part of a group of individuals that has pioneered this new world as explorers of cyber and privacy issues, and that has been awesome.
“We’ve seen how the property market has morphed for the hundreds of years that they have on us. We've seen how the liability market has also morphed in that same way. But we were on the ground floor [of the cyber market]; we were in the founding of it. And that's, for lack of a better term, badass.”
Sign up for Women in Insurance New York Summit to join the conversation on cyber and other market trends. The annual conference is taking place on September 21, 2023.