Risk managers accustomed to a buyer’s market for commercial cyber insurance might discover soon the party is over.
“We are starting to see rates harden,” Lindsey Nelson, U.K. and International Cyber Team Leader for CFC Underwriting, said Thursday. She was speaking as a panelist on Quarterly Cyber Risk Trends: 2019 Wrap-up, a webinar hosted by Advisen Ltd..
“The awesome time of buying $600 to $800 million worth of cyber insurance for a very, very low price – prices that make some well-experienced risk managers wonder how [the carriers] can be making money – those days are starting to be fewer and far between,” said webinar panelist Tom Srail, executive vice president of the cyber risk team at Willis Towers Watson.
“We are starting to see the very first signs of coverage narrowing,” Nelson said of the cyber market. “Where the [errors and omissions] and property markets have had a hard market the last two years, cyber has also been an area that historically has been asked to take a bit of a cut to compensate for rates going up elsewhere,” Nelson said. “Now, with the changing landscape in terms of claims, we are starting to see what looks like to be the early days of a hard cyber market.”
Panelists noted the severity of claims arising from ransomware continues to increase.
“I would not classify [cyber] as a hard market as we have seen in (directors and officers liability] and property and other insurance lines over the year,” Srail qualified. “But we are definitely not seeing capacity increasing by 40% or 50%, with dozens of new carriers jumping into the marketplace this year. We see individual markets taking a closer look at their capacity [and] maybe not offering as much as they did on a single portfolio of risks as in the past, which is putting some additional pressure on the pricing.”
At this time in 2019, CFC would have told customers it is the best time to buy a cyber policy. “Policies were about as broad as they ever could be,” Nelson said. “Rates were equally as competitive at that time, and that was especially true last year in the U.S. with the rise of digital [managing general agents].”
Srail said client managers can do some things to reduce the odds that a ransomware attack will put them out of business, such as backing up computer data offline.
“I don’t think it’s dire news – that the pricing is going to start spiking and keep going up,” said Srail. “But for organizations that are a little behind the curve from a data security and information security standpoint, they might see some unwelcome rate increases in the coming renewal cycle.”