Cyber market to see significant growth but still not mature
The cyber insurance market is poised for significant growth over the next few years as cyberattacks continue to grow in number and sophistication, with the potential to cause significant financial losses, reputational damage and business interruption, according to Moody’s Ratings. “Heightened awareness around cyberattacks is leading to an increasing demand for cyber insurance as an important part of risk management programmes,” it said.
However, the ratings agency said that despite its rapid growth rate, the cyber insurance market is still not mature, with meaningful variations in policy language, terms and conditions across the industry. In addition, it noted that many cyber risks remain underinsured or uninsured, which could pose significant risks to businesses and the global economy.
Moody’s said the cyber insurance market has seen moderate pricing declines and some easing of terms and conditions since 2023 as improved profitability and solid growth prospects attract new capital, and existing players expand capacity. For example, several insurers are increasing their limits while some traditional excess players are moving down into primary layers. It added that according to insurance brokers, on a per-risk basis, an insured may be able to obtain cyber insurance coverage of between $750m and $1bn.
Cyber insurance capacity is coming from both existing players willing to write more business and new market entrants, including (re)insurance carriers, managing general agents and insurance-linked security (ILS) investors, that view the cyber market as attractive, said Moody’s.
“The entrance of ILS players into the cyber insurance market is an important milestone, even though their participation is still small relative to the overall market size. Given the prospect of exponential growth in both cyber risk and demand for cyber insurance coverage, the participation of capital market investors in bearing some of these risks will be a key element in ensuring sufficient reinsurance/retrocessional capacity and spread of risk to support traditional writers,” Moody’s said.
It noted that loss ratios are likely to move higher given uptick in ransomware and large losses that could keep price declines in check, particularly in the US. Although losses will likely increase, Moody’s expects the segment to remain profitable in 2024, absent a major catastrophe event.
The ratings agency noted that cyber modelling has advanced, but the risks are constantly evolving, which creates uncertainty around return periods and the likelihood of an event. “Recent large losses and supply chain attacks will prompt further scrutiny of policy language, risk aggregations and modelling practices,” said Moody’s.