Hiscox, the specialist insurance or reinsurance underwriter and ILS capital manager, has provided the capacity to support another novel parametric cyber risk transfer arrangement, this time covering the risk of cloud outages.
Last month we reported that Hiscox was the capacity provider backing a parametric cyber risk transfer transaction that helped an asset manager to hedge potential cyber attack related disruption to U.S. power generation assets it had invested in.
This new transaction was completed at the end of January and saw Hiscox playing a key role in developing, structuring and providing the capacity to back a parametric transaction for an Asian technology company that was looking for insurance protection against major cloud hosting outages.
“Cloud” here refers to networked computer servers hosted on the internet, which are used to store, manage, and process data in place of local servers or personal computers.
The growth in importance of the cloud brings with it a new area of cyber risk exposure, as companies around the world are increasingly reliant on cloud storage or hosting, as well as companies operating cloud facilities such as Amazon, Microsoft and Google.
A major cloud storage provider going down is seen as one of the top potential critical cyber attack scenarios that could result in significant losses to companies, as well as the insurance and reinsurance industry through business interruption claims, as well as claims on affirmative cyber policies that cover cloud infrastructure downtime.
A parametric risk transfer solution is a clever way to address this, as a trigger can be constructed using inputs such as percentage of cloud storage online, availability metrics, or other data that can be reported by third-parties.
In this case and similar to the previous parametric cyber risk transfer deal backed by Hiscox, PCS is acting as a third-party reporting agent for the arrangement, reporting on the named peril of the risk transfer contract as originally reported by the cloud service provider.
Guy Carpenter, the reinsurance arm of Marsh & McLennan, brokered the parametric cyber risk transfer arrangement.
The broker also represented the protection buyer on the technology platform created by AkinovA, which is where this transaction was entered into. It’s not immediately clear what benefits using the platform brought to the transaction, which being purely bilateral did not involve any syndication of risk to a range of markets.
The protection buyer saw a need to protect itself against cloud outages, as any downtime would drive financial impacts to their business.
The parties involved in the deal arranged a solution that provides coverage on a three-month term, which it’s said enables the protection buyer to assess its exposure on a quarterly basis.
The transaction was entered into using a standardised insurance contract, the parties said, similar to the one used for the first deal we had previously covered. That means some form of proof of insurable interest will be a feature of the contract, to enable it to be classed as insurance rather than a swap or other financial instrument.
The deal is further evidence that parametric cyber risk protection is viable and can provide valuable protection to companies exposed to specific cyber related outages, downtime and attacks.
In structuring and developing these transactions Hiscox has shown an appetite to drive greater uptake of cyber parametric risk transfer, as well as its own appetite to underwrite them by backing it with their capacity.
By wrapping data and understanding around an exposure to create a parametric trigger, useful protection structures can be designed that expand the insurability of exposures including cyber.