Two organizations recently expressed optimism that the softening cyber market that emerged in 2023 will remain favorable into the future. In separate reports, Moody’s Ratings and Amwins Brokerage offered insights on the sector’s landscape.
Moody’s shared that the market is “poised for significant growth over the next few years as cyberattacks continue to grow in number and sophistication with the potential to cause significant financial and reputational damage and disrupt business operations.”
Amwins reported that since the “significant” 2023 shift that presented more favorable conditions for buyers, renewals “are often coming in at level or below expiring pricing, despite increasing claims activity. This shift is driven by improved capacity from both new market entrants and existing carriers expanding their offerings, including limits up to $10 million.”
In April, Munich Re estimated total global cyber insurance premiums to be around $14 billion last year. Projections show that number nearly doubling to $29 billion by 2027.
Moody’s reported that between 2018 and 2022, cyber insurance direct premiums in the U.S. more than tripled due to higher demand and higher rates. That trend was reportedly bucked in 2023; premium volume remained flat, but the number of total policies continued to rise.
Matt Donovan, executive vice president at Amwins, said cyber insurance has become “an essential component of comprehensive risk management.” On a per-risk basis, “an insured may be able to obtain cyber insurance coverage of between $750 million and $1 billion,” Moody’s added.
Still, the cyber market represents a relatively small piece of the property/casualty insurance industry. According to Moody’s, cyber insurance accounts for less than 1% of direct written P/C premiums in the U.S.
The credit ratings organization reported that the companies holding the highest percentage of the U.S. cyber market are Chubb (8%), AXA (6.8%), Fairfax (6.4%), Travelers (5.4%) and Tokio Marine (5.3%). The top 20 companies account for approximately $5.5 billion in direct premium written. That number represents about 76% of all U.S. cyber DPW, which is approximately $7.2 billion.
Claims Trends
Even as ransomware claims surge, Amwins pointed to mitigating factors, such as defense hardening and a decline in payments that can be attributed to “enhanced cyber resilience,” including both defense against and recovery from attacks.
The increase in class action lawsuits surrounding wiretapping, illegal surveillance, pixel tracking, biometrics and California Privacy Act claims are all trends the industry is watching closely, Amwins said in the report. The brokerage reported seeing “an inundation of class action privacy lawsuits related to these areas.”
“Some carriers have moved to exclude these claims in their coverage forms,” Amwins said in the report. “Many other carriers are providing sub-limits for biometrics and excluding outright any intentional unlawful tracking of protected information.”
Amwins has also seen allegations of illegal wiretapping and illegal surveillance and a rise in TCPA- and solicitation-type suits being directed at companies for targeted data collection and advertising.
“An increase in ransomware attacks and large losses could prompt higher loss ratios, keeping price declines in check, particularly in the US,” Moody’s said in its report. “Although losses will likely increase, we expect the segment to remain profitable in 2024, absent a major catastrophe event.”