Before insurance-linked securities (ILS) move wholesale into the cyber risk underwriting arena the technologies and risk models used to quantify cyber exposures will need to mature further, but once that happens we should expect the provision of cyber reinsurance capital to come from diversified sources, according to PwC.
In its recent global cyber survey, consultancy PwC said that while cyber risk underwriting is seen as a key opportunity for the re/insurance sector, it’s important that the opportunity for premium growth is balanced with the risks being assumed.
In the past it has been difficult for insurance and reinsurance firms to understand cyber exposures without employees with specific domain knowledge. That domain knowledge remains vital for underwriting cyber, but with analytical tools and cyber risk models now improving all the time it is expected that more companies will target the line of business over the years to come.
PwC noted the “significant risks and downside potential” to underwriting cyber insurance or reinsurance, saying that it is still unclear whether or not cyber risks are adequately priced, especially given the potentially systemic and extreme nature of cyber-attack losses.
Reinsurance has become a key lever for the insurers targeting expansion into cyber risks and PwC notes that 75% of the insurers surveyed are utilising reinsurance capacity as a way to manage the growth of their cyber exposures.
At the moment, cyber reinsurance is predominantly purchased as proportional covers, with no respondents to the survey reporting using non-proportional cyber reinsurance solutions at this time.
That makes sense as insurers and reinsurers seek to safely grow their cyber risk portfolios, offloading a share of the risks to third-parties.
In fact, almost 40% of those surveyed are passing on at least 50% of their cyber exposures to reinsurance capital, as they prudently try not to become over-exposed to large cyber events.
Insurers in the main are retaining a specific amount of cyber risk and then transferring everything above that to the reinsurance market.
The early stages in the development of cyber risk quantification tools means that proportional reinsurance is the main solution, as this aligns the interests of the underwriters and the reinsurers, rather than forcing them to use model results that they may not yet fully trust.
PwC notes that the trust in cyber risk quantification tools and cyber risk models is growing though and with this increased understanding of cyber risk will come greater diversification of reinsurance capital and also non-proportional reinsurance solutions.
As these cyber risk quantification capabilities mature, PwC says that it expects to see an increasing amount of insurance-linked securities (ILS) capacity backing the cyber underwriting market.
Already some ILS funds have entered into small cyber ILS deals, but these remain few and far between and are the domain of the ILS fund managers that are attracted to specialty lines business, mostly.
But along with enhanced quantification capabilities will come a greater swathe of the capital markets, as cyber risks become more accessible to ILS funds and their investors.
It’s no surprise that for reinsurers the main way to hedge their own cyber accumulation exposure right now is through industry loss triggers, based on cyber event reporting.
Again, as the understanding of cyber risk matures the market will see other hedging tools become possible, including eventually a greater availability of retrocession on an indemnity basis against cyber risks and perhaps even cyber catastrophe bonds will become an option.