The increased interconnectedness of today’s world at times of intensified global terror events highlights the potential for substantial cyber terror attacks, a vast exposure that will require the backing of ILS capacity as well as the efforts of the re/insurance industry.
“To date, the insurance market for bodily injury and physical damage arising from a cyber attack, or cyber terrorist attack, is limited. These are in their infancy and focused primarily at energy and utility companies,” explains BNY Mellon in a new report that explores capital markets, ILS and cyber risks.
As the world continues to transition into a truly digital one, the ability of terrorists to attack national infrastructure, power grids and other vital assets is becoming ever more real, highlighting a need for adequate protection to tackle a range of extremities, and area the ILS space can play a part.
UK Chancellor of the Exchequer George Osborne, noted the potential for terrorists to attack cities and nations via cyber attacks in a government statement in 2015.
“We know they want it [that capability] and are doing their best to build it. If our electricity supply, or our air traffic control, or our hospitals were successfully attacked online, the impact could be measured not just in terms of economic damage but of lives lost,” he said.
The potential exposure of cyber terror attacks are so vast that it’s likely the available insurance and reinsurance capacity is insufficient, and the features, skill set and capital of the ILS space will also be needed to sufficiently cover the peril.
“This threat pervades everything. It has the ability to disrupt our power systems, it goes to our nuances, and indeed even to our identity. Sony, Target, JP Morgan Chase, Home Depot, the Bangladesh Central Bank – all these cases indicate how we are suffering at the hands of a sophisticated enemy, in the motivated cyber-criminal,” said Karin Mulvihill, BNY Mellon’s Head of Technology and Compliance.
Historical data surrounding cyber attacks is sparse when compared to available data on natural catastrophe events, for example, and the wide-reaching impacts of an attack mean that what models do exist come with a fair amount of uncertainty.
It’s an inherently complex risk to assess and the potential losses hard to quantify, and when terror is added to the equation the complexity intensifies further.
Luca Albertini, Chief Executive Officer (CEO) of Leadenhall Capital Partners highlighted the difficulties with cyber terror attacks within the BNY Mellon report.
“The biggest question for terrorism and cyber will be one of definition. Let’s say a hacker opens the flood-gates in the Netherlands causing widespread destruction. So the damage is property and life, the motivation is terrorism and the conduit is cyber. Which policy pays out?,” said Albertini.
It’s an interesting point and one that further underlines the complexity of cyber terror events and difficulties assessing the losses.
However, the capacity and features of the ILS market, including the potential for cyber catastrophe bonds, is suited to such an exposure, but it’s unlikely any meaningful influence will be achieved until the peril is better understood via advances with models and data.
Ian Coulman, the Chief Investment Officer of Pool Re, highlighted this notion in the BNY Mellon report, stating that the capital markets can play a role here but “the problem is really understanding the threat.”
Within the report industry executives agreed that public and private sector partnerships at the early stages of cyber terror might be required to get things moving in the right direction.
With governments acting as insurers as last resort to remove some of the uncertainty and potentially increase coverage take-up rates for developed solutions.
“Such an approach could have multiple benefits,” said Pool Re’s Chief Financial Officer (CEO), Peter Aves.
“Pool Re is currently examining the question of cyber terrorism cover and part of that will include discussion with its reinsurance partners and, in future, perhaps with representatives of ILS markets. Additionally, the government would need to collaborate in any discussion,” said Aves.
There’s a clear role for the wealth of ILS skills, knowledge, and capacity in protecting against the growing threat of cyber terror events, and as modeling and data improves it’s likely that ILS markets will look to develop innovative products to serve the market.