"the Profitable Potential Of Cyber Insurance Sales"
"the Profitable Potential Of Cyber Insurance Sales" - Cyber attacks are on the rise, increasingly frequent and sophisticated. But growth in cyber insurance remains well below expectations. Why? What can insurers do to add value and improve take-up rates for standalone policies?
Insurance company leaders, like those of most organizations, are grappling with the unprecedented challenges brought about by the COVID-19 outbreak: caring for customers, employees and distributors while maintaining business continuity. At the same time, many will likely still face a number of market challenges that arose well before the outbreak. One such issue was how insurers could sustain the sales of standalone cyber insurance policies, which have fallen well short of initial industry expectations despite the increase in cyber-related events. In the summer of 2019, we interviewed cyber insurance buyers and brokers to find out more. Among our main achievements:
"the Profitable Potential Of Cyber Insurance Sales"
It seems like not a day goes by without a new cyber attack being reported. 61% of companies worldwide Hiscox surveyed reported one or more events in 2019, up from 45% the previous year, with a dramatic increase in both frequency and severity.
Cyber Security Insurance For Law Firms: Why Your Firm Needs It
And while the headlines usually show hackers targeting larger companies, 63% of midsize companies experienced an event last year, up from 2018's total of 36%.
The average cost of an event for midsize businesses has more than quadrupled from $44,000 to $184,000, in part due to more frequent ransomware attacks.
Given such a risky environment, one might expect the market for a dedicated, standalone cyber insurance policy to expand exponentially. Yet the industry still has a long way to go to meet such high expectations.
Not long ago, some in the industry, like Allianz, predicted that cyber premiums could reach $20 billion or more by 2025.
How Big Is The Cyber Insurance Market? Can It Keep Growing?
In fact, net written premiums in the US totaled just $1.94 billion in 2018, with 58% ($1.12 billion) generated by standalone policies and the remaining 42% by cyber coverage included in standard commercial policies (Figure 1).
While standard policy cyber premiums rose sharply between 2016 and 2017 (Figure 2), this may be partly due to adjustments in ratios after US insurance regulators began requiring insurers to approximate what have raised or allocated specifically for cyber risks.
In light of these lower-than-expected results, some market leaders seem less optimistic about the future of cyber insurance. Aon noted that “markedly reduced growth in 2018 is sobering and makes us question whether the cyber insurance industry can live up to the aggressive growth projections that have been made.”
Many insurers are looking to sell standalone cyber insurance to supplement, if not replace, the coverage included in standard policies, which probably weren't designed to protect against today's rapidly changing cyber risk landscape. Over the years, the industry has taken similar steps to spin off other challenging specialty lines, such as directors and officers (D&O) and general liability insurance (EPLI), where the increasing frequency and severity of events has made it difficult address such exposures in a generic multi-hazard policy. Additionally, higher limits would likely be easier to obtain in a standalone cyber policy, as would the reinsurance backing to generate greater capacity if the exposure was isolated from standard property and liability risks.
Cyber Insights 2023: Venture Capital
However, despite the apparent logic of buying self-contained IT cover, there is some cause for concern about the line's future growth prospects. Market penetration remains relatively low, especially for such a high-profile exhibit. 59% of companies surveyed by Hiscox do not have any cyber insurance. While 30 percent said they plan to purchase coverage in the next year, nearly as many (26 percent) say they have no such intention.
A Marsh survey found that 43% of companies with revenues exceeding US$1 billion did not have self-contained cyber insurance, with the total uninsured rising to 64% for midsize and small businesses.
Why does there seem to be such a widespread reluctance to purchase cyber insurance in general and self-employment insurance in particular among middle-market companies (defined for this report as those with annual revenues between $250 million and $1 billion)? Given the amount of press coverage the cyberattacks have received, awareness of exposure shouldn't be missed. Hiscox found that only 3% of shoppers surveyed were "not sure what cyber insurance is."
Cyber risk is also front and center as a key exposure for management and boards to address, given all the new cyber security, privacy and data usage regulations put in place.
The 5 Best Cyber Insurance Companies Of 2023
To help solve this conundrum, the Deloitte Center for Financial Services surveyed 504 middle-market commercial insurance buyers from five industries (see sidebar, "Methodology"). We also polled 103 agents and brokers to get the seller's point of view.
Our immediate goal was to determine the reasons behind the slower-than-expected adoption rate for self-contained cyber insurance in the middle market. Such buyers may not be household names, but they often have large operations, usually with a full-time risk manager who does insurance buying. Among the topics examined:
Ultimately, our purpose is to help cyber insurers understand how to overcome the hurdles that hinder stronger and more profitable growth, not just in the middle market, but across the board, commensurate with expanding exposure.
The Deloitte Center for Financial Services surveyed executives responsible for purchasing insurance at 504 middle-market companies, defined as having annual revenues greater than $250 million but less than $1 billion. The survey, carried out during the summer of 2019, was not accidental. The pre-set quotas required a split close to 50% between buyers and non-buyers of standalone policies, whether or not they had IT coverage in standard policies (Figure 4). There were also target levels for five industries included in the study (figure 3).
Cybersecurity Trends For 2022/2023: Latest Predictions You Should Know
While respondents in the smallest of the three revenue subsets (those with companies generating more than $250 million but less than $500 million annually) were less likely to have self-employment policies, the top two subsets still had significant percentages without dedicated coverage.
We also surveyed 103 agents and brokers who market cyber insurance and serve middle-market buyers in two or more of five target industries (Figure 5).
We asked non-purchasing respondents to list all the reasons why they did not have an autonomous IT policy (Figure 6) and to rank the top three reasons among those chosen.
The cost of coverage was the top reason cited by the health care and financial buyers surveyed, and second in the other three industries surveyed. However, while cyber insurance premiums have risen lately, rising nearly 3% in the US during the third quarter of 2019, this is well below the average 8% increase in overall cyber insurance prices. trade assurances for the quarter.
Optimizing Cyber Insurance
Therefore, rather than shying away from price hikes, many potential customers may be put off by the lack of value they perceive in standalone policies. Indeed, “coverage limits too low” was cited by 34% of all respondents with no cyber coverage, while 29% said the coverage terms and exclusions were too restrictive.
Another possible explanation is a lack of budget for what would amount to an additional purchase of insurance policy. A respondent risk manager at a manufacturing company wrote that “we didn't have much to cover [autonomous] in our [insurance] budget,” a point that was also raised by buyers speaking at the 2019 Cyber Risk Insights Conference by Advisen.
Many prospective buyers may still view self-contained cyber cover as a luxury rather than a necessity. It may represent an unexpected cost that would need to be squeezed into an already tight budget or require additional funds to meet. This might be difficult for some buyers to justify to their C-suite, especially if the limits or terms don't seem enticing enough to make the add-on policy worthwhile.
Our survey revealed another major hurdle insurers face: the reason many businesses lack self-contained cover (cited by 43% of all non-buyer respondents) is because they already had cyber risks included in their policies of standard ownership and responsibility. This was the top reason cited by respondents in the retail/wholesale/e-commerce industry, while it ranked second among financial services respondents. Agents and brokers surveyed also rated this as the number one barrier to selling standalone coverage.
Cybersecurity: What Every Business Leader Needs To Know
Insurers and their intermediaries, therefore, face a major educational challenge in convincing policyholders that they need standalone coverage, at least to supplement, if not replace, any cyber coverage they may have in standard policies. As with directors and officers, employment practices, product liability, and other specialty coverages that are typically sold separately today, standalone computer policies may offer clearer terms and conditions of coverage, as well as higher dedicated limits than would be the case with the aggregation of cyber with standard property and liability exposures, such as fire, bodily harm, and crime losses.
Buying standalone could also avoid potential litigation around "silent" coverage in a standard package policy, where the cyber is neither named nor specifically excluded. Indeed, more and more insurers are explicitly excluding cyber from standard coverages and creating policies specifically designed for such risks to avoid any confusion that could lead to claims disputes, leaving many buyers without standalone uninsured policies for exposure.
One possible concern is that a third of non-buyer respondents said they “have a standalone policy in one
List of cyber insurance companies, lloyds of london cyber insurance, the definition of profitable, the power of potential, most profitable cyber security companies, the hartford cyber insurance, average cost of cyber insurance, types of cyber insurance, cost of cyber liability insurance, potential cyber attacks, the meaning of profitable, cost of cyber insurance