Cyber insurance market set to grow despite challenges: PanelPosted On: Sep. 24, 2019 9:54 PM CST
LAS VEGAS — There are lots of opportunities for insurers to grow their business by offering cyber coverage and other cyber services, but there are many challenges, too, a panel of experts said.
Cyber exposures remain tough to underwrite, so insurers need to recruit staff with specific skill sets to assess cyber risks and to partner with other cyber risk service providers, they say.
“There may not have been a bigger opportunity for (property/casualty) carriers in generations than cyber,” said Pascal Millaire, CEO of CyberCube, a San Francisco-based cyber risk modeling firm.
Estimates of the cost of cybercrime are “in the order of $400 billion to $500 billion a year and rising, and less than 1% of that is covered by a cyber insurance policy today,” he said during a session of the InsureTech Connect conference in Las Vegas on Tuesday.
While the rapidly growing exposure provides an opportunity for insurers, cyber risk also presents challenges, several speakers said.
For example, cyber risk changes quickly and historical loss data is insufficient to write future policies, said Rotem Iram, CEO and founder of At-Bay, a Mountain View, California-based managing general agent that offers cyber insurance.
“An insurance policy is for a year, and during that year, if the world is going to change five times, your coverage can’t change so you have to bake all that volatility into your pricing, which means that you cannot effectively discriminate between good and bad risks,” he said.
Cyber risks are unpredictable and can hit several different types of businesses simultaneously during widespread cyberattacks, said Siobhan O’Brien, head of the cyber center of excellence for international and global specialties at Guy Carpenter & Co. LLC in London.
“Predictability and modelability are two of the biggest challenges for the insurance industry around cyber,” she said
But the risk is being more clearly defined as more large property/casualty insurers examine their portfolios and affirmatively cover or exclude cyber risks within traditional insurance policies, Ms. O’Brien said.
As the insurance industry develops cyber insurance coverage, it is increasingly looking to partner with other companies offering cyber-related services, said Keith Moore, chairman and CEO of CoverHound Inc., a San Francisco-based online MGA.
“That’s the where the insurtech world is going right now, and the insurance carrier world. You don’t have to be a master of all the products that you have in your portfolio, but you have to know how to partner with experts in the field,” he said.
Small businesses in particular expect cybersecurity services to be included in their coverage, Mr. Moore said.
“They’re not expecting checks when something happens, they’re expecting services,” he said.
Understanding the security concerns of policyholders requires additional skill sets to be brought in by brokers and underwriters, said Ms. O’Brien.
“You can never look backward with cyber; you always have to look forward, you always have to think where is the next evolution of cyber coming from, and that requires more than four or five people sitting down and looking at actuarial tables. That requires technology companies, that requires AI, that requires cyber security companies all working together,” she said.
Ultimately, however, there will likely be consolidation between cyber security companies and insurers, said Michael Reitblat, New York-based CEO and co-founder of Forter Inc., a fraud prevention company.
“I don’t know which end it will come from — either insurance companies will start controlling the tech stack or technology will start providing insurance on their own, maybe with reinsurance providing more capital,” he said.