As underwriters reported substantially higher segment claims losses in 2020 compared to the years before, property and casualty insurers that write cyber coverage face increasing profit pressure, especially with increasing premium rate and tighter coverage terms, which are expected to bolster a recovery in underwriting performance over the medium term. Nonetheless, the increasing propensity of cyber incidents, particularly ransomware attacks, is likely to serve as a threat to a near-term reversal of claims cost trends, Fitch Ratings says.
The year 2020 witnessed a rise in cyber insurance direct written premium (DWP) and the uptrend continued into 2021. According to Fitch’s findings, based on compiled data from cyber insurance supplemental filings in statutory financial statements, the DWP for cyber coverage in standalone and package policies, increased by over 22 percent in 2020 to reach $2.7 billion.
The written premiums for standalone cyber coverage rose by 29 percent for the year, signaling a significant increase in demand for specific cyber protection, as well as insurers’ interest in reducing ambiguity in line with coverage relative to cyber risks included in package policies. Owing to the incidence of network intrusions, data theft and ransomware incidents that have increased substantially in the past two years, the demand is driven by the need for risk management expertise and insurance protection by firms of all sizes.
With cyber insurance reflecting a modest portion of the overall underwriting exposure to the property and casualty industry and individual insurers, a large unforeseen cyber event – such as a massive cloud intrusion or attack on infrastructure – could result in substantial individual incurred losses that could cause pressure in capital levels and individual ratings.
In addition, limited historical claims and underwriting data pose significant challenges, especially for new insurance underwriters entering the segment. The direct loss ratio for standalone cyber rose sharply in 2020 to 73 percent, which represents the highest level recorded in the six years that separate cyber data included in financial reporting.
According to the Council of Insurance Agents & Brokers’ Commercial Property/Casualty Market survey, in terms of risk exposure, there were meaningful alterations by the response of the coronavirus pandemic. Alongside increased intrusions from phishing emails and other means, the broad shift to a remote workforce added stress to network security systems causing the premium rates for cyber coverage to moved sharply upward in 2020 in response to poorer experience with average cyber renewal premium rates, up 11 percent year-on-year in the fourth quarter of 2020.
This trend is however projected to continue into 2021 and beyond. Other changes in risk selection and policy terms in addition to the price increases likely necessary for a significant turnaround in underwriting performance includes coverage exclusions and sub-limits. Any reduction in cyber incidents and losses will ultimately be tied to organizations implementing more effective risk prevention and event remediation measures.
Consequently, the nature of cyber threats also serves as a hindrance to insurer’s efforts to diversify cyber underwriting portfolios and manage risk aggregations. As cyber incidents have proliferated globally, geographic diversification often does not offset cyber risk.