New capital creating more competition and choice for cyber buyers

New capital flowing into the cyber insurance market will increase competition and help meet growing demand, experts have told Commercial Risk.

There have been a number of developments bringing much-needed capital to the cyber insurance market in recent months, including the first ever cyber catastrophe bond. In January, specialist insurer Beazley launched a $45m catastrophe bond to cover remote probability catastrophic and systemic events. The bond was backed by a panel of Insurance-Linked Securities (ILS) investors including Fermat Capital Management.

In a separate deal, Hannover Re secured $100m quota share retrocession cover for cyber from capital market investor and ILS fund Stone Ridge. The German reinsurer said the transaction marked the first time it was able to transfer cyber risks to the capital markets, and on a substantial scale, through a proportional reinsurance solution.

ILS capital is also flowing into the market via other alternative reinsurance solutions. In its January renewal report, reinsurance broker Aon said that it is seeing “strong demand” for event-based reinsurance structures, backed by ILS investors, that provide reinsurance protection for systemic or catastrophe cyber events.

“In addition to providing an important form of protection for the cyber insurance market, event-based reinsurance structures are attractive to alternative capital providers, creating a new source of capacity for the cyber market and a source of diversified growth for ILS investors. Aon bound a number of event-based transactions in 2022 backed by ILS funds, with more deals in the pipeline,” it said.

These ILS transactions, which provide high-level reinsurance capacity, follow moves to boost cyber capacity in the primary insurance market. Cyber mutual MIRIS, which was set up by European multinationals in response to inadequate protection from the traditional market, was granted an operating licence from the Belgian regulator to begin underwriting from 1 January 2023. At the end of January, WTW launched a new excess cyber facility called CyXS, backed by Lloyd’s syndicates.

Cyber MGA Coalition launched Coalition Insurance Company in January to provide more capacity for US insureds. The move sees Coalition transition to a full-stack insurance organisation and expand capacity in the cyber market.

These developments are good news for cyber insurance buyers, according to Jean Bayon de La Tour, head of Cyber in Europe for Marsh. “More competition and choice is a welcome development for our clients. Cat bonds are also a welcome development as an indicator of an increase in the diversity and amount of reinsurance protection to allow direct markets to provide better solutions to clients,” he said.

Capacity in the cyber market had fallen as a number of insurers scaled back their underwriting in response to a spike in ransomware claims. Capacity in the European cyber insurance market halved to $300-$400m in 2021, although new entrants in 2022 boosted market capacity to around $500m, according to Bayon de La Tour.

Increased pricing and a reduction in ransomware losses have since seen the cyber market recover. Cyber insurance premium rates increased by 13% in Europe during Q4, after a rise of around 40% on in Q3 and just below 100% at the peak in Q4 2021, according to Marsh data.

After two years of reduction, capacity began to increase again in the second half of 2022 through existing traditional markets, new insurtechs and MIRIS, said Bayon de La Tour. In addition, current insurers are willing to keep their share and grow again in 2023, he said.

According to Juan Marcano of cyber risk modelling firm CyberCube, Beazley’s cat bond and other ILS transactions are “very significant developments” for the cyber insurance sector because they highlight the “level of maturity” cyber risk has now achieved.

“A combination of factors are making these advances possible,” said Marcano, who is principal of cyber alternative risk Transfer at CyberCube. “The availability of cyber analytics plays a big role but also the search for diversification, better data, clearly defined perils and more specific wording on the policies all play a significant role,” he explained.

Marcano is optimistic that cyber capacity will continue to increase but stressed it will be a “gradual” process. “I believe we will see a gradual progression, with more transactions taking place and the level of sophistication and size of the transactions also increasing,” he said.

Cyber cat bonds and other ILS deals are only possible once a good understanding of the underlying risk is achieved, explained Marcano. “Having said that, there is still a significant effort ahead to help capital markets and alternative capital to become fully comfortable with cyber as an asset class. All these will open the doors for a more traditional model to transfer cyber risk, bringing more capacity and allowing for the growth the industry is after,” he said.

Bayon de La Tour also believes that cyber capacity will continue to grow. “Given the number of organisations that choose not to insure cyber risk, more insurers coming to the market should be welcomed. In 2021, GWP was over $9bn and should be above $22bn by 2025 [according to Munich Re]. I am confident insurers will answer to the growing demand, through more investment in learning, talents and tools, and the analysis of data,” he said.

Clients also want “simplicity” in terms of questions, offers and wordings, which makes it easier for companies to understand the added value of insurance in their broader cyber risk management strategy, continued Bayon de La Tour.

Business also need more client centricity from insurers, he added. “Time spent listening to client needs is never time lost. Depending on the size, the business sector, the geography and the IT security maturity, these needs can be very different. The market can develop even further if we adapt the offers to client needs,” he said.