8th November 2023

Cyber-Editor's highlight extracts from Insurance Newslink articles in the last 3 months

-The global cyber insurance market recently returned to profitability following two years of rate increases and tightening terms and conditions. Annual premiums reached about $12bn at year-end 2022, and are likely to increase by 25%-30% per year to reach about $23bn by 2025.
In a report-"Global Cyber Insurance: Reinsurance Remains Key To Growth,"-S&P Global Ratings says that its survey of global multiline insurers(GMIs) and global reinsurers suggests growth in cyber insurance will depend heavily on reinsurance to provide capital and manage accumulation risk.
-Lloyd’s announced the 12 teams that will join the 11th cohort of the Lloyd’s Lab, the InsurTech accelerator hub for developing innovative insurance products in the Lloyd’s market-Following the success of the first regional theme in Cohort 10, the Lab have announced ‘Asia-Pacific Climate Risk, Cyber and Sustainability’ as the new theme for Cohort 11. In addition, ‘Data & Models’ and ‘New Products’ will be carried forward, with each InsurTech being aligned with one of the three themes.
-The potential theft of sensitive data, as well as phishing and ransomware attacks pose the greatest global threat to the insurance sector according to research from PwC and CSFI, the financial services think tank-the findings track the opinions of insurance leaders around the world about what they see as the most significant risks facing the sector over the next two to three years.
-Envelop Risk, the data-driven cyber (re)insurance and analytics specialist, announced the launch of its Cyber Partnership Platforms-a programme for cedents wishing to either enter the cyber risk market or expand their existing participation.
-Moody’s RMS announced the launch of Moody's RMS Cyber Industry Steering Group to develop industry initiatives that respond to the growth of the global cyber insurance market.
Leading market participants Munich Re and Gallagher Re, and global cyber risk management leader BitSight have joined the steering group, with other industry partners from across the insurance ecosystem to follow.
-PERILS, the independent Swiss-based organisation providing industry-wide catastrophe insurance data, and CyberAcuView, the independent US-based organisation set-up by leading cyber insurers for the benefit of the cyber insurance market, announced the launch of a US Cyber Industry Loss Index.
-Employees are behind a widening gap in the cybersecurity of small and medium-sized enterprises(SMEs) a survey revealed, as over three-quarters of SMEs’ C-suite and senior managers admit they have no confidence their teams are operating their own devices securely. With 54% of UK SMEs having experienced some form of cyberattack last year, it’s already well-known that staff are one of the biggest risks to a business’s cybersecurity framework-however, the new research-commissioned by Cowbell, a leading provider of cyber insurance for SMEs- goes into more depth, highlighting some of the ways that employees are unwittingly causing these risks. Employees are not the only contributing factor to risk either, as the C-suite is also lacking cyber awareness: the survey found over three-quarters of those operating at the helm of UK SMEs are unable to confidently identify a cyber incident at work, while a further 50% believe they’re unable to identify the difference between a phishing and real email-business and insurance-sector leaders are concerned about the prospect of a large-scale, systemic cyber attack—a ‘cyber catastrophe’ risk. Cyber insurance is an evolving, rapidly growing market but it has never had to deal with such an event, which makes a cyber catastrophe inherently difficult to model and price. The industry is hampered by a lack of tangible scenario data points, inconsistent or non-existent cyber catastrophe claims coding frameworks and an overarching high level of uncertainty.
-The Risk of a Cyber Catastrophe was the subject of the third paper in the Gallagher Re Gray Rhino research series. This paper discusses the relative infancy of cyber modelling, how the (re)insurance sector is managing its exposures, and a reluctance from capital providers to offer cost-effective and systemic solutions that address carriers’ true fear of the unknown.
-A study by Juniper Research found that there will be growth of 107% over the next five years in the number of industrial endpoints featuring cybersecurity protection. The research identified the rise of interconnected processes within the Industry 4.0 revolution as increasingly exposing critical industrial infrastructure to external threats; requiring wholesale changes in how industrial stakeholders secure their operations-Juniper Research defines an industrial endpoint as any physical or virtual device that is connected to a network in order to send and receive information in an industrial setting.
-Lloyd’s published a systemic risk scenario that models the global economic impact of a hypothetical but plausible cyber attack on a major financial services payments system, resulting in widespread disruption to global business and potential global economic losses of $3.5tr-the three countries that experience the highest five-year economic loss from the scenario are the US $1.1tr, followed by China $470bn and Japan $200bn. The recovery time for individual countries or regions depends on the structure of their economy, exposure levels and resilience.
-Corvus Insurance, the cyber underwriter powered by a proprietary AI-driven cyber risk platform, released its Q3 2023 Global Ransomware Report, which analyses data from ransomware leak sites to track evolving trends. According to the report, ransomware attacks continue at a record-breaking pace, with Q3 2023 global ransomware attack frequency up 11% over Q2 and 95% year-over-year(YoY).
-British Telecom(BT) cybersecurity experts currently log more than 530 signals of potential attack per second as they guard their global networks against an army of malicious actors seeking to exploit vulnerabilities–targeting businesses and critical national infrastructure-with businesses of every size going digital, the most targeted industries in the past 12 months are IT, defence, banking and insurance–19.7% of malware.
-Following two years of high but stable loss activity, 2023 has seen a worrying resurgence in ransomware and extortion claims as the cyber threat landscape continues to evolve, Allianz Commercial warned in a report. Hackers are increasingly targeting IT and physical supply chains, launching mass cyber-attacks, and finding new ways to extort money from companies, large and small.
-Global commercial insurance prices increased 3% in the third quarter of 2023, the same as the prior quarter, according to the Global Insurance Market Index released by Marsh. The third quarter marks the 24th consecutive quarter of pricing increases. Pricing continued to be relatively consistent across almost all regions in Q3. As with Q2, this was driven largely by a continuation of the trend for rate decreases in financial and professional lines and a small decrease for prices in the cyber insurance market. This was offset by property insurance increases, most notably in the US where property prices rose on average by 14%.

Cyber Trends(1,483 mentions in Insurance Newslink)