Newsletters
Risk Central
Digital EditionU.S. Cyber Insurance Market Slows, Adapts in 2023
The U.S. cyber insurance market has seen a slowdown in premium growth and a steady decline in loss ratios, indicating a maturing market adapting to the evolving cyber threat landscape, according to an analysis by AM Best.
Premium growth in the U.S. cyber insurance market slowed significantly in 2023, with just a 0.1% increase in direct premiums written (DPW) to reach $7.244 billion, according to filings from the National Association of Insurance Commissioners (NAIC). However, AM Best said it believes a good amount of cyber premium may be from non-NAIC filers like captive insurers and Lloyd’s of London that is not captured in the data.
AM Best noted a 2% decline in standalone cyber policy DPW to $4.986 billion, the first drop recorded. Premiums for packaged cyber policies increased slightly to $2.257 billion.
Despite a sharp increase in ransomware attacks in 2023 that resulted in a 50% increase in first-party claims, cyber insurance loss ratios have steadily declined. The U.S. cyber insurance loss ratio has declined from a peak of 66.9 in 2020 to 41.6 in 2023.
Improved cybersecurity practices by insureds and refusing to pay ransoms in over 70% of cases have reduced claims severity, more than offsetting the higher frequency of ransomware attacks, AM Best said.
Third-party claims still make up over 20% of cyber insurance claims, leaving a tail on this business, per the analysis.
Surplus lines carriers have taken over a majority of the cyber insurance market, accounting for 59.2% of all cyber direct premiums written in 2023. Their ability to respond faster to the changing needs of insureds without requiring approved policy form language positions them well for growth, especially in serving small and medium-sized entities as they move to digital environments, the rating agency said.
Challenges and Opportunities for Insurers
AM Best has assigned a stable outlook for the global cyber insurance market, seeing positive signs in premium growth, loss ratio and rate stabilization, modeling evolutions, and growth in the insurance-linked securities (ILS) market for cyber.
Systemic risk and the potential for risk aggregation have moved to the forefront of concerns for cyber insurers. While insurers are looking to limit their aggregate exposure, the models they rely on for estimating systemic risk have not yet been tested, tempering the desire to depend on them, AM Best stated.
Cyber insurers also face a significant challenge in their heavy reliance on reinsurance, with over 50% of cyber premiums ceded to reinsurers, more than any other line of insurance, AM Best said.
“This dependence on reinsurance leaves cyber insurers somewhat at the mercy of their reinsurers,” AM Best stated. “With cyber insurers already focusing on aggregate exposures to systemic risk, any pullback by reinsurers to limit their own capacity on cyber coverage will certainly flow downstream to primary insurers and limit primary insurers’ appetite for cyber insurance.”
Artificial intelligence has emerged as a significant concern among cyber insurers, particularly in the areas of media liability and intellectual property, AM Best noted. Because AI uses external inputs, it is vulnerable to allegations of copyright violations. The highest profile suit currently is The New York Times’ lawsuit against OpenAI for ChatGPT’s use of Times content without permission or proper citations. The outcome of this case could determine cyber insurers’ liability for AI content, setting a precedent for the industry, AM Best said.
To obtain the U.S. cyber report, visit AM Best’s website. &
