5 predictions for Cyberinsurance in 2021
The start of a new year is a good time to look back on the previous 12 months and look forward to what lies ahead in the coming year. It’s time to reimagine the world’s future now that we can see a possible end to this trying era.
However, new threats surround these new digital capabilities. Digital safeguards would become just as, if not more, essential than physical safeguards. We looked at the industry with CyberCube that pioneers in cyber insurance research to see what these risks mean for the cyber insurance market.
The pandemic’s effect on the shift to technology transformation over the last year has been well reported. The radical transition to working from home has profoundly changed our perspective on the workplace. This shift has had a wide-ranging effect on the cyber threat environment. In addition to current developments such as the continuing explosion of ransomware and the rise of managing remote workforces, the year 2020 was marked by a range of major cyber risk incidents. This includes the Twitter breach, the Magento hack, and, towards the end of the year, the SolarWinds hack, which may be the most critical of all.
1. A hardening market
In the second quarter of 2020, the hardening demand in the insurance industry picked up the pace. While the dust has yet to settle on the January 1 renewal season, it is clear that there have been premium increases as well as a tightening of ability and terms in the cyber (re)insurance sector. The effect undoubtedly varies by section, with businesses that have incurred losses bearing the brunt of the brunt. Because high excess layers are no longer considered outside the burn layer in large programs, room for this section has diminished, causing many more participants to get close to the necessary limits, often at much higher rates.
Several cyber-specific market developments have emerged in the face of rising prices, which will possibly intensify rapidly in 2021. Coverage restrictions, sub-limits in the circumstances, or even exclusions for specific perils (particularly in light of ongoing ransomware issues) can make it more difficult for brokers to place such risks. Exclusions relating to particular incidents, such as the SolarWinds hack, have also been addressed.
One silver lining of the market’s hardening conditions is that businesses that show a clear culture of risk management and robust cybersecurity controls comprehensively will benefit from comparatively stronger market terms. There is a growing divide between businesses that consistently perform well and those that are falling behind. With more data at their disposal to determine best practices in cyber hygiene, underwriters are more conscientious than ever when it comes to risk selection. Companies that show good cybersecurity may be rewarded with security signals, which can assess cyber maturity measures.
2. Pricing convergence
As the cyber market matures, actuaries were assigned with rising priority to review portfolios. Moreover, when individual undertakings and teams have switched between various market players, the previous price variance has been reduced. There has been a rising consensus on the riskiest and greatest risks with price matching. In previous years, there were major price variations for the same threat by magnitude. In 2021, there will be a growing market consensus on the acceptable price for the risk. The competition will continue to be strong, emphasizing policy vocabulary, end-to-end asset management services (both pre-and post-loss services), and claims management expertise.
3. Technology transformation
Technology connected to the internet and infrastructure will continue to grow rapidly, bringing with it new risks. 5G networks’ hyperconnectivity will become mainstream in 2021, allowing for much quicker and more secure data—and malware—transmission. This will mean the end of the “network perimeter,” as we know it, making network systems more difficult to protect. The internet will grow in popularity with the widespread adoption of consumer applications and expanded industrial applications. The ongoing move to cloud infrastructure will only strengthen our dependence on a limited number of vital platforms.
4. Growth in attack vectors
The SolarWinds attack, which occurred at the end of 2020, demonstrated the importance of cybersecurity. With up to 18,000 businesses affected by this malicious software upgrade, including several US government agencies, it demonstrated the possible consequences of sinister state-backed hackers. This assault revealed the interrelatedness of technology and the reliance on a limited number of key suppliers. Although the financial implications of this case are still unknown, it seems that the motive was espionage rather than criminal, and it has given an insight into what is to come. The attack surface is continuing to grow rapidly, and in 2021, this trend will intensify. This will draw attention to flaws in supply chains and the pervasive software used in many industries. As is often the case, any network’s main weakness would serve as the entry point for automated attacks.
5. A focus on accumulation
It wasn’t long ago that the need to manage future accumulation risk in the cyber insurance industry was regarded as a privilege or a fascinating academic pursuit. Several events in the last three years have shown that the problem is no longer a theoretical possibility—it is a pressing concern. The PRA, Lloyd’s, and others have recently increased their regulatory emphasis. By 2021, it will generally accept that carriers must take a systematic and organized approach to manage cyber risk accumulation.
While this list isn’t comprehensive, and the essence of insurance means we’ll no doubt have to deal with unexpected or out-of-the-blue cases, being mindful of these key patterns will benefit us in the coming year.