Insurance Experts Expect Higher Cyber Losses

Insurance companies are expecting increased cyber-related losses across all business lines over the next 12-months, driven by increasing reliance on technology and high-profile cyberattacks, according to Willis Re's annual Silent Cyber Risk Outlook global survey. 
 
The survey reveals that over 60% of respondents estimate it is likely to incur more than one cyber related loss for every hundred non-cyber covered losses over the next 12 months in all lines of business apart from the worker compensation compared to less than 50% in any line of business in 2017. 
 
Large cyber-attacks, like WannaCry or NotPetya, are also expected to be more frequent, with over 60% of respondents stating they anticipate these occurring at least once every five years. 
 
The increasing frequency of cyber-attacks and resulting threat to utility infrastructure led to the IT/Utilities/Telecom industry group reporting the highest perceived property silent cyber risk factor, with 42% of respondents reporting they are likely to incur ten or more cyber related losses for every hundred non-cyber covered losses. 
 
Anthony Dagostino, Global Head of Cyber Risk Solutions, Willis Towers Watson, said: "The insurance market considers 'silent cyber' or cyber-related losses under policies where cyber risk isn't specifically included, to be a far greater risk than ever before. 
 
"The 2017 WannaCry and NotPetya attacks highlighted this risk and potential damage across all business areas - causing significant concern around silent cyber. This increased risk perception has highlighted the need for specific cyber coverage, but competitive market conditions are limiting the scope for coverage or pricing adjustments to be made in other lines of business." 
 
Mark Synnott, Global Cyber Leader, Willis Re, said: "Willis Re is at the forefront of helping clients assess aggregation risk to silent cyber exposure through our annual silent cyber survey, which we have built into our portfolio analytics. We also have a market-tested reinsurance solution to mitigate this risk - CAStL, a cyber aggregate stop loss that covers all forms of affirmative and silent cyber exposure." 
 
The survey ranks respondents' silent cyber risk factor from <1.01, indicating less than one anticipated cyber related loss per hundred non-cyber covered losses, to 2.0, representing as many cyber losses as non-cyber losses over the next 12 months. 
Close to 700 participants from over 100 insurance and reinsurance companies were surveyed globally across five business lines, including: first party property, other liability (including auto), worker compensation, errors and omissions (E&O) and directors and officers (D&O). 
 
Other findings include: 

Significant increase in 'other liability' silent cyber exposure: 62% believed the silent cyber risk factor is above 1.01 for 'other liability', compared to just 35% in 2017.

  • Perceived cyber risk gap closing between property and 'other liability': The gap between perceived silent cyber risk between property and 'other liability' has been eliminated since 2017. In 2017, 47% of respondents believed the silent cyber risk factor was above 1.01 for property (vs 35% for 'other liability'). In 2018 the comparable percentage for both lines of business is 62%.
  • D&O and E&O lines face significant silent cyber risk: Over 30% of respondents estimate their silent cyber factor is 1.10 or higher.
  • Silent cyber risk grows across all industry groups: In 2018, majority of the respondents believe all industry groups in both property and other liability had a silent cyber risk factor of greater than 1.01 This contrasts with 2017 when only two of the nine industry groups in property and none of the nine industry groups in other liability met this threshold. 
  • Hospitals/Medical Facilities/Life Sciences top 'other liability' silent cyber risk: The industry group with the highest silent cyber for 'other liability' with 34% of respondents view risk to be 1.10 or greater - an increase of 15% on 2017.
Marketwatch
 
You Might Also Read:
 
Cyber Insurance Has Distinctly Risky Characteristics:
 
Cyber Insurance Report 2017 - 2018 (£):
 
« The Maritime Industry's Slow Boat To Cybersecurity
New Phishing Attack Uses An Old Trick »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Perimeter 81 / Zero Trust Network Access Guide

Perimeter 81 / Zero Trust Network Access Guide

Curious how you can Implement a Zero Trust roadmap with insights from Gartner? Download this free report for a limited time only.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

GovInfoSecurity.com

GovInfoSecurity.com

GovInfoSecurity.com is an educational portal published by Information Security Media Group, a media company specializing entirely on information technology risk management.

Snort

Snort

Snort is an open source intrusion prevention system capable of real-time traffic analysis and packet logging.

Dionach

Dionach

Dionach are a certified information security specialists who provide Penetration Testing, IT Security Auditing and Information Security Consultancy.

WetStone Technologies

WetStone Technologies

WetStone develops software solutions that support investigators and analysts engaged in eCrime Investigation, eForensics and incident response activities.

Epati Information Technologies

Epati Information Technologies

ePati Information Technologies is a specialist in information technology and cyber security.

Verifi

Verifi

Verifi is an award-winning provider of end-to-end payment protection and risk management solutions.

CyberSN

CyberSN

CyberSN matches cybersecurity professionals to jobs and removes the pain from job searching and hiring.

Cyber Tzar

Cyber Tzar

Cyber Tzar is a new approach at dealing with an old problem; assessing and managing risks to your IT estate.