Cyber Insurance Is Unsustainable On Its Current Path

Uploaded on 2019-10-01 in FREE TO VIEW, BUSINESS-Services-Financial

The cyber insurance and reinsurance market is currently unsustainable if it continues on its current course, but better use of data and more informed regulation may offer a solution. 

This is according to Ben Beeson, Founding Member and Head of Insurance at Arceo, a risk analytics provider for the cyber re/insurance market, who spoke about where the sector might be headed.

Speaking to industry journal ReInsurance News  Beeson explained “The market has not grown as quickly as it should have,”“The best estimates are that the size of the market is roughly $4.5 billion gross written premium today. It should be much bigger than that, if you think about the size of the risk and how it impacts everybody ... and yet, because it’s arguably perceived to be the biggest opportunity in the insurance industry, there’s still more capital entering the market looking for growth. And they’re not all finding it.”

Compounding the problem is a lack of premium outside of the US market, and the fact that the top five carriers control somewhere in the region of 40-50% of the market, Besson noted.

“So think about that in terms of the other 100 players trying to go after the rest of the premium there,” he continued. “That is a problem. It’s a problem because it doesn’t lead to better underwriting, to better evaluation of risk because people are chasing market share, chasing rate. We’ve got to correct that.”

Regulation will likely play a key role in curtailing this kind of behaviour, by providing incentives for the industry to fully address the cyber risks the cyber risks it is taking on. The recent announcement from the UK’s Prudential Regulation Authority (PRA), for example, will require Lloyd’s syndicates and the wider UK re/insurance industry to more effectively manage their silent cyber risks by 2020.

“I think that’s very welcome and not before time,” said Beeson. “Silent Cyber is the biggest issue right now and regulators are going to drive it right out into the open.”

However, the belief at Arceo is that regulation needs to be combined with new technologies and data capabilities to promote a more robust and sustainable cyber market.

“The insurance market, those involved in cyber, has long complained that there’s not enough data available to accurately price and evaluate cyber risks... Our belief is that’s not correct, the data is there. It’s just you’ve got to get it, you’ve got to make sense of it, and then you’ve got to deliver it in a way that is usable depending on who wants to use it. The challenge is how to deliver that data in a market which still today is over-capitalised and very competitive with rates dropping.” Beeson explained.

“By getting the right data in the right hands, the industry can help raise corporate security standards, and at the same time, make better informed underwriting decisions, meaning much greater market sustainability.”

Arceo aims to facilitate this process by acting as bridge between the re/insurance and cyber security industries, which it believes are often speaking different ‘languages’ in their approaches to understanding risk and exposures.

Beeson concluded that the sustainability of the cyber re/insurance market’s will not be truly tested until a major ‘cyber hurricane’ occurs, which would involve a single unforeseen event causing multiple losses across carriers’ portfolios.

Reinsurance

You Might Also Read:

Wanted: Clarity About Cyber Insurance Cover:

 

« The WannaCry Hangover
Only 31% Of Employees Get Annual Cyber Security Training »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IBackup

IBackup

IBackup is a Web Based Online Backup service provider.

Cyber Fusion Center - Maryville University

Cyber Fusion Center - Maryville University

Maryville University Cyber Fusion Center is a virtual lab for working on real-world cyber security challenges.

Mi-Token

Mi-Token

Mi-Token is an advanced two-factor authentication solution that offers unparalleled security, flexibility, cost-effectiveness and ease of use.

CISPA Helmholtz Center for Information Security

CISPA Helmholtz Center for Information Security

The CISPA Helmholtz Center for Information Security is a German national Big Science Institution within the Helmholtz Association. Our research encompasses all aspects of Information Security.

Deltagon

Deltagon

Deltagon develops information security solutions to protect companies’ confidential information in e-communication and e-services.

AppSec Labs

AppSec Labs

AppSec Labs specialise in application security. Our mission is to raise awareness in the software development world to the importance of integrating software security across the development lifecycle.

MythX

MythX

MythX is the premier security analysis service for Ethereum smart contracts.

QuillAudits

QuillAudits

QuillAudits offers advanced Ethereum, EOS, TRON smart contract audit, blockchain protocol security and formal verification to ensure your platform’s integrity.

Onsist

Onsist

Onsist brand protection services provide proactive defense against fraudulent use of your brand online.

Red Piranha

Red Piranha

Red Piranha's Crystal Eye Unified Threat Management Platform is designed for Managed Service Providers and corporations that need extreme security that is both easy to use and affordable.

Nucleon Security

Nucleon Security

Nucleon Endpoint Detection and Response EDR is the most effective way to protect the value created by your organization against any threat.

Pacific Cyber Security Operational Network (PaCSON)

Pacific Cyber Security Operational Network (PaCSON)

PaCSON is an operational cyber security network of regional working-level cyber security experts in the Pacific.

Everything Blockchain

Everything Blockchain

Everything Blockchain is a development, architecture, and software designer of Blockchain that also provides services specializing in blockchain technologies and decentralized processing.

Vantage Point Security

Vantage Point Security

Vantage Point are specialists in penetration testing and application security with a focus on the industries undergoing rapid digital transformation.

BaXian Group

BaXian Group

BaXian AG is an international consulting company specializing in IT security, data analytics, risk management and compliance.

BIRD Cyber

BIRD Cyber

BIRD Cyber is a program to promote collaboration on cybersecurity and emerging technologies aimed at enhancing the cyber resilience of critical infrastructure.

ViewDS Identity Solutions

ViewDS Identity Solutions

ViewDS Identity Solutions develops innovative identity software including cloud identity management solutions, directory services, access and authorization management solutions.