Cyber insurers have pulled themselves out of the dredges of the hard market, but there are fewer active cyber policies today than there were in 2020, one cyber expert shared at the CFC Summit North America 2024 in Toronto.
Meanwhile, high-profile cyber-attacks grace the media regularly. For brokers, that means cyber selling opportunities as much as it means protection gaps for insureds.
Growing or shrinking?
“Narratives are telling us that the market is going to grow substantially and we in this room have to capitalize on it — I argue a different story,” Lindsey Nelson, CFC’s cyber development leader, said during the conference.
The global cyber market is estimated to be US$14 billion gross written premium, and is expected to hit US$29 billion in three years, according to Munich Re.
But according to a Fitch Ratings report, cyber market premium decreased by 2% last year for the first time in its history.
“And that’s despite a 200% increase from the years 2020 to 2022,” says Nelson. “Many of you have experienced what a hard market cycle looks like in cyber — it was 200% growth as a result of that.”
The number of active policyholders isn’t exactly growing, either. There are fewer active policies today than in 2020, Nelson says.
“If you’re an insurance company, this is amazing news, especially if you’re an actuary — half the exposure, double the premium,” she says.
But much of that drop in policyholder count can be traced back to the historically hard cyber market, where there was high consumer demand but no supply. Now that underwriters have priced the product correctly and tightened policy restrictions, supply has grown, yet demand has waned.
However, globally, about 10% of commercial businesses have a cyber insurance policy — closer to about 5% for Canadian businesses, according to CFC. And renewals are continuously getting shopped, which means “it’s the same piece of business that’s moving around,” says Nelson.
“[There are] no new policies; renewal premiums are cheaper. How are we ever going to hit that $21 billion mark in terms of market growth?” she poses.
Simplifying cyber
With demand for cyber insurance petering off, the industry must uncomplicate cyber for its clients. Not keeping up with clients’ digital risk will mean insurers face irrelevancy to consumers.
“We have to learn to actually speak more simply about it and bring it back to basics,” says Nelson.
“Even when we asked our underwriters to explain cyber insurance to us, we often get a long list of insuring clauses A, B, C, D, telling us what cyber insurance is,” she says. “We just need to know in one or two sentences.”
That also means better explaining to clients what their risk and exposure level is.
“We see most brokers going in with wording comparisons to clients to compare Policy A to Policy B and Policy C with very minute details because that is fairly common practice in the insurance market across other product lines,” explains Nelson.
“The client is sitting there saying ‘Okay, well…I guess I better make the decision here. But actually, I don’t even know what cyber is. And I’m not sure I want it.’ So somebody has missed a step in actually explaining the risk first.”
And rather than letting it be eclipsed by clients’ other risk factors, brokers should consider leading the discussion with cyber.
“If it’s a client’s biggest exposure, lead with cyber in the first part of the meeting, so you’re not saving ‘til the very end,” says Nelson. “Leaving it for the last five minutes of a renewal meeting as a tickbox item is incredibly unhelpful.”
Feature image by iStock.com/Andrii Yalanskyi