Cyber Insurance Is Unsustainable On Its Current Path

Uploaded on 2019-10-01 in FREE TO VIEW, BUSINESS-Services-Financial

The cyber insurance and reinsurance market is currently unsustainable if it continues on its current course, but better use of data and more informed regulation may offer a solution. 

This is according to Ben Beeson, Founding Member and Head of Insurance at Arceo, a risk analytics provider for the cyber re/insurance market, who spoke about where the sector might be headed.

Speaking to industry journal ReInsurance News  Beeson explained “The market has not grown as quickly as it should have,”“The best estimates are that the size of the market is roughly $4.5 billion gross written premium today. It should be much bigger than that, if you think about the size of the risk and how it impacts everybody ... and yet, because it’s arguably perceived to be the biggest opportunity in the insurance industry, there’s still more capital entering the market looking for growth. And they’re not all finding it.”

Compounding the problem is a lack of premium outside of the US market, and the fact that the top five carriers control somewhere in the region of 40-50% of the market, Besson noted.

“So think about that in terms of the other 100 players trying to go after the rest of the premium there,” he continued. “That is a problem. It’s a problem because it doesn’t lead to better underwriting, to better evaluation of risk because people are chasing market share, chasing rate. We’ve got to correct that.”

Regulation will likely play a key role in curtailing this kind of behaviour, by providing incentives for the industry to fully address the cyber risks the cyber risks it is taking on. The recent announcement from the UK’s Prudential Regulation Authority (PRA), for example, will require Lloyd’s syndicates and the wider UK re/insurance industry to more effectively manage their silent cyber risks by 2020.

“I think that’s very welcome and not before time,” said Beeson. “Silent Cyber is the biggest issue right now and regulators are going to drive it right out into the open.”

However, the belief at Arceo is that regulation needs to be combined with new technologies and data capabilities to promote a more robust and sustainable cyber market.

“The insurance market, those involved in cyber, has long complained that there’s not enough data available to accurately price and evaluate cyber risks... Our belief is that’s not correct, the data is there. It’s just you’ve got to get it, you’ve got to make sense of it, and then you’ve got to deliver it in a way that is usable depending on who wants to use it. The challenge is how to deliver that data in a market which still today is over-capitalised and very competitive with rates dropping.” Beeson explained.

“By getting the right data in the right hands, the industry can help raise corporate security standards, and at the same time, make better informed underwriting decisions, meaning much greater market sustainability.”

Arceo aims to facilitate this process by acting as bridge between the re/insurance and cyber security industries, which it believes are often speaking different ‘languages’ in their approaches to understanding risk and exposures.

Beeson concluded that the sustainability of the cyber re/insurance market’s will not be truly tested until a major ‘cyber hurricane’ occurs, which would involve a single unforeseen event causing multiple losses across carriers’ portfolios.

Reinsurance

You Might Also Read:

Wanted: Clarity About Cyber Insurance Cover:

 

« The WannaCry Hangover
Only 31% Of Employees Get Annual Cyber Security Training »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Cambray Solutions

Cambray Solutions

Cambray Solutions specializes in locating and securing technical professionals, managers, and executives.

Security Magazine

Security Magazine

Security, the business magazine for security executives, focuses on management issues facing top security professionals and effective solutions being employed, both physical and cyber.

Kenexis

Kenexis

Kenexis is a consulting engineering firm providing services for process hazards analysis, fire and gas mapping, and industrial cybersecurity.

Cyber Execs

Cyber Execs

Cyber Execs is a Cyber Security Consultancy & Executive Recruitment firm.

Atlantic Council Digital Forensic Research Lab (DFRLab)

Atlantic Council Digital Forensic Research Lab (DFRLab)

The Atlantic Council’s DFRLab has operationalized the study of disinformation by exposing falsehoods and fake news, documenting human rights abuses, and building digital resilience worldwide.

sayTEC

sayTEC

sayTEC's mission is to develop and deliver next-generation products and services in encrypted data and voice transmission.

BluBracket

BluBracket

BluBracket is the first comprehensive security solution that makes code safe—so developers can innovate and collaborate, and security teams can sleep at night.

972VC

972VC

972VC was created to help entrepreneurs find potential funding for their startups. Your guide to the Israeli startup funding ecosystem.

SecureStack

SecureStack

SecureStack helps software developers find security & scalability gaps in their web applications and offers ways to fix those gaps without forcing those developers to become security experts.

Strata Identity

Strata Identity

Strata is pioneering identity orchestration to unify on-premises and cloud-based authentication and access systems for consistent identity management in multi-cloud environments.

Guidepost Solutions

Guidepost Solutions

Guidepost Solutions are a diverse, global team of investigators, experienced security and technology consultants, and compliance and monitoring experts.

FastNetMon

FastNetMon

FastNetMon is a very high performance DDoS detection and mitigation tool which could detect malicious traffic in your network and immediately block it.

ASPIA InfoTech

ASPIA InfoTech

ASPIA Infotech is a leading Information and cybersecurity organization focused on innovative approaches to avert targeted attacks.

Astute Technology Management

Astute Technology Management

Astute Technology Management helps businesses take control of their technology and work with greater confidence.

Boldend

Boldend

Boldend offers leading-edge offensive and defensive cybersecurity solutions that empower government and commercial organizations to stay resilient in an evolving threat landscape.

Kerberus Cyber Security

Kerberus Cyber Security

Kerberus Cyber Security (formerly MintDefense) is a leading innovator in Web3 user security, dedicated to safeguarding digital assets and transactions through its flagship product, Sentinel3.