Performance gap between cyber underwriters will widen in 2022

Performance gap between cyber underwriters will widen in 2022
The gap between the best-performing cyber insurers and the worst-performing will widen in 2022, according to the CEO of cyber risk analytics specialist, CyberCube.

In a series of predictions from CyberCube published this week, Pascal Millaire said that the spread between the loss ratios of top quintile carriers and bottom quintile carriers will widen. He attributed the change to differing underwriting strategies for managing what has been a challenging market for cyber insurers internationally.

Millaire said: “Those cyber insurers who exited 2021 with more of a ‘business as usual’ mindset will not be as well-positioned as those who exited 2021 with a call to action to dramatically improve underwriting standards. There will be a greater spread between high and low-performing carriers from a loss ratio perspective in 2022.

“In 2021, many carriers doubled down on more rigorous underwriting standards, increased use of data-driven underwriting tools and instituted disciplined underwriting strategies that resulted in them walking away from unattractive accounts. This approach will pay dividends over the coming year.”

According to Millaire and other leading CyberCube experts, 2022 will also see alternative capital providing more capacity for the cyber insurance market. Rebecca Bole, CyberCube’s Head of Industry Engagement, argued that there is the potential for the development of a cyber Insurance-Linked Securities (ILS) market in 2022 to alleviate the catastrophic financial impact of cyber-related events.

Michael Millette, Managing Partner at Hudson Structured Capital Management Ltd., and board director at CyberCube, said: “There’s currently a capacity crunch for cyber insurance, be that on an individual risk basis or on a portfolio level. In order for the industry to reach its long-term growth projections, there’s a hypothesis that we’re going to need more capital available to take on this risk than is currently available within the insurance and reinsurance markets.

“The capital that we need is a combination of capital for “regular” cyber and for “cyber cat”. The industry is doing a good job forming capital for regular cyber – companies are entering the cyber space and we’ve seen a rapid expansion of Managing General Agents (MGAs) and skilled modeling firms. That collective can bear the current level of cyber premiums. We’ve seen a series of fairly small and experimental placements of cyber retro in the capital markets, maybe totaling a few hundred million dollars. That will grow with time.”

Among the predictions, Admiral (ret.) Michael S. Rogers, former Director of the NSA and Commander of US Cyber Command, warned of cyber criminals hacking corporate systems in order to manipulate data rather than steal it. He explained: “It’s just a matter of time before we start to see data manipulation. So far, actors have locked down data and extracted it. I’m curious if that not only continues, but we start to see potential data manipulation where an adversary gains access and starts to make changes to data in a way that perhaps you don’t recognise initially, and that becomes the vector for ransom and extortion.”

Focusing on cyber security specifically, CyberCube’s team predicted 2022 will see criminals focusing on attacking vulnerabilities in supply chains and so-called single points of failure (SPoFs) – widely used cloud-based services whose failure would affect potentially millions of users worldwide.

CyberCube’s report, Cyber Predictions 2022, is available from Cyber Predictions 2022 (cybcube.com)

Share this article: