Beazley and Munich Re are teaming up to launch a major new push into cyber insurance. The move comes despite growing concern that the industry could be on the hook for enormous costs in the event of large scale attacks.
High-profile cyber attacks on Sony, Ashley Madison and TalkTalk have prompted a wave of demand for cover. Broker Willis Towers Watson thinks that the cyber insurance market is growing by 30 to 40 per cent per year. Some estimates see it reaching $15bn of premiums per year by the early 2020s, from about $3bn-$4bn now.
New European rules due in 2018, which will force companies to report details of cyber breaches to regulators and affected customers, are expected to push demand up still further.
Beazley and Munich Re are aiming to take advantage of that growth by offering tailor-made cyber policies with double the amount of coverage that was previously available.
“We didn’t want to take a one-size-fits-all approach,” said Paul Bantick, head of cyber at Beazley, who says that the policies will cover physical damage to property (which is often excluded from cyber insurance) and bodily injury as well as more traditional areas such as the costs of data loss and business interruption.
He added that the maximum cover the company is prepared to offer a single client will rise from $50m to $100m. “It is very rare that people will provide that level of capacity for cyber coverage,” he said.
However, not everyone in the insurance world is so excited about the market. Earlier this year Michel Liès, chief executive of Swiss Re, told the Financial Times that it was too early to say whether cyber was an opportunity or a threat. He added that insurers were having difficulties determining possible future claims.
Lloyd’s, the London insurance market, put cyber at the top of a list of five big risks that the market faces in 2016. It highlighted the risk of “accumulation”, or lots of clients making the same sort of claim at the same time, and demanded that underwriters calculate their potential losses from cyber attacks and submit the results by the end of March.
One of the worries in the market is that insurers might have exposure to cyber risk via existing, non-cyber policies. “There are people with old products such as liability insurance or property damage insurance where the wording has not changed for decades,” said Simon Kilgour of law firm CMS.
“There are no specific exclusions in those policies so there is a question of whether a cyber loss would be covered. If you can’t prove that you have excluded cyber, then you have to assume you could be exposed.”
Andrew Coburn of risk modelling specialist RMS said: “The issue is that insurers are not quite sure of what their exposure might be to a cyber attack. They are afraid it could be as systemic as asbestos risk was for Lloyd’s.” The market almost collapsed in the 1990s because of rising asbestos claims.
There was standing room only at a meeting held by RMS at Lloyd’s earlier this year to discuss cyber risk, with more than 150 people in attendance.
The result of all these worries is that some insurers are wary of offering cyber cover, and those that do may limit the amount of exposure they will take on.
Source: FT