Agents, Insurers Navigate Volatile Cyber Market Amid Changing Threats
The cyber insurance market has been experiencing rapid growth and volatility, with the cycle between hard and soft markets much more compressed than other insurance lines, according to a report from Risk Placement Services (RPS).
This volatility makes it a difficult market for agents to operate in — a fast-moving threat landscape, ever-changing client needs, and constantly rising and falling premiums — RPS states in its 2024 US Cyber Market Outlook.
According to Steve Robinson, National Cyber Practice Leader at RPS, “The perils facing cyber insurers are constantly changing in ways that cannot be predicted, and that means the market has to adapt quickly.”
The cyber market has seen a wave of innovation from 2014 to 2019, with extended coverages and falling rates. However, this was followed by a period of intense hardening and maturity from 2020 to 2022 as ransomware became a more pervasive threat. During this time, rates rose quickly, sometimes reaching triple-digit increases, and the market continued to harden until late 2022.
The market turned again in 2023, with ransomware events falling and premiums following suit. However, insurers began reducing rates with less than a year of favorable claims data, RPS said. This was largely due to newer players who were accustomed to high revenue from rocketing rates and higher policy take up.
“A couple of years ago, getting a $10 million limit was almost unheard of,” says Kunal Mallik, RPS Area Assistant Vice President. “But now you have insurers who might be willing to offer $10 million, so there’s more capacity available.”
However, with claims already rising again, the current trends will not be sustainable over the mid to long-term. Mallik suggests that a market correction on pricing is overdue. He adds that the same market dynamics that pushed new entrants to reduce premiums could now lead to them pushing up rates in the near future.
The anticipated return to a changing market is also due to a worsening claims landscape, reflective of new threats and the return of familiar ones.
Claims data from cyber incident response law firm Mullen Coughlin, LLC, shows a more active threat landscape. Based on incident type, the top threats through November 2023 were:
- Business email compromise incidents, up 35% in frequency over 2022.
- Ransomware, up 19% over 2022.
- Third-party breach, up 19%.
Mullen Coughlin claims data shows that industries leading the way in ransomware activity were:
- Professional Services, a 27% increase in frequency over 2022.
- Manufacturing and Distribution, up 22%.
- Healthcare and Life Sciences, up 12%.
- Technology, up 11%.
- Education, up 7%.
RPS Area Vice President Dillon Behr advises that agents must be smart in how they present solutions to their clients in this changing market.
“Agents need to make clear to their clients that the low premiums being offered today likely won’t be the same at the next renewal; it’s just not sustainable, and they need to be prepared for that,” Behr said. &