Printed from BusinessInsurance.com

Insurers prime targets of cyber attacks says Moody's

Posted On: Nov. 19, 2015 12:00 AM CST

Cyber insurance has significant growth potential, but there are also challenges to its broad expansion in the market, including the complexity and variation of its risks, while insurers themselves are prime targets of cyber attacks, says Moody's Investors Service Inc. in a report issued Thursday.

More than 50 insurers now offer stand-alone cyber coverage, while others provide cyber-related endorsements to commercial general liability or multiperil policies, says the report by the New York-based rating agency, “Cyber Insurance: High-risk Product with Potential to Grow.”

While the market has significant growth potential, “the complexity and variation in cyber risk greatly complicate insurers' underwriting processes, making this a difficult line to evaluate,” says the report.

The report says one of the most significant challenges to insurers in this market is “a lack of actuarially analyzable data about cyber attacks,” although “over time, we expect this to shift as companies gain experience from continued cyber assaults as well as through increasing disclosure requirements for publicly traded corporations.”

Modeling cyber risks is inherently difficult because of “the lack of statistical data, the rapidly evolving nature of the risk and difficult-to-value assets,” says the report.

Other issues include the potential for risk accumulations across multiple insured clients and products; the lack of uniformity in cyber products; and the potential for extreme losses, which raises questions of insurability, says the report.

Meanwhile, insurers face their own operational risks, says the report. The nature of the data stored by insurers “and the fact that insurers frequently access and transfer it in their daily operations, makes them prime targets for cyber attacks.”

This risk goes up as insurers increase the amount of information they make available on mobile devices, the report adds.