Here’s What’s Happening With the U.S. Cyber Market

Cyber insurance rates are going down, competition in the segment is only getting fiercer and loss ratios remain low.

Cyber insurance rates are going down, competition in the segment is only getting fiercer and loss ratios remain low.

These are some of the conclusions of the latest U.S. Cyber Market Update by Aon, which also shows that carriers are feeling confident enough to target small and medium companies with standardized cyber policies.

The report’s broad conclusions may lead one to believe that cyber risks are no longer as frightening as they used to be. But a closer look at the data reveals that there are some clouds on the horizon, and rather than decreasing, cyber risks faced by companies are actually on the rise.

Here are the main takeaways of the report:

Growth Has Slowed Down

By crunching data from the NAIC cyber supplement, Aon calculated that cyber insurance premiums increased by 10% in 2018, which is a far cry below the over 30% rates of growth posted in 2016 and 2017.

Nonetheless, cyber continues to be a profitable line that is attracting new players, and despite consolidation in the industry, the number of cyber insurers in the U.S. market increased from 170 to 184 in 2018.

It is too early to tell whether slower growth is a trend or if the market will resume the stellar rates of yore. If it becomes the norm, however, it could be an issue for the industry, especially if catastrophic cyber events take place.

“Cyber insurance is a line with potential catastrophic exposure, and some degree of catastrophic risk needs to be allocated to premiums,” said Jon Laux, the head of cyber analytics at Aon.

In other words, margins could narrow, affecting profitability levels and, ultimately, prices. Right now, however, the situation looks pretty comfortable. Cyber insurers’ combined ratio reached a modest 65.3% last year, one basis point lower than in 2017.

New Clients Are Wanted

One of the reasons why premium growth has slowed down is the fact that the low hanging fruit has already been picked by insurers.

In other words, large corporations in sectors with high exposure to data privacy risks, such as retail, hospitality and health care, already have cyber program in place.

The tendency is for insurers to look elsewhere for new business. Industries where operational risks trump privacy concerns, such as manufacturing and transportation, are obvious targets. But the real prize is in the market for small and medium enterprises, where premiums increased by 19% last year and 42% in 2017.

“For most insurance companies I’ve talked to recently, the SME space is where they are excited for growth,” Laux said.

There are some challenges though, like the need to have a comprehensive distribution network to reach out to this market and to invest in the education of both SMEs and their brokers about the value of cyber insurance.

Ransomware Is Now the Top Threat

Gone are the days when criminals focused on big-game hacking, where they would try to make a kill by stealing data from large companies. These are still a thing, as it was shown by the mammoth Marriott breach in November, but crooks seem to have realized that several smaller attacks provide an easier and more profitable road to the cyber riches.

Aon has concluded that ransomware attacks, where criminals block a company’s access to its own IT systems until they pay a hefty ransom, have become the crime-of-choice in the cyber underworld. As a result, the cyber market faces a situation where, although the intensity of the risk has increased, the average size of claims has diminished, from $56,688 per claim in 2017 to $50,401 last year.

This is a development that cyber carriers are likely taking into account as they target SMEs, which are less equipped to deal with this kind of threat, which is, so to say, pretty democratic.

Laux remarked that any company, no matter its size, is exposed to ransomware. With criminals feeling bolder as their attacks deliver the goods, the value of claims seems to be going up again.

“A few years ago, ransoms in the six-figure range were extremely rare,” he said. “Now they are becoming increasingly common.”

Liability Looms

We are talking about a product that is known as “cyber liability” insurance, but, in reality, the liability part of the equation is largely missing.

Last year, 68% of the 12,829 claims made covered first-party losses, which is to say, they paid damages suffered by the companies that directly endured the attacks.

But this could change soon.

Data privacy rules are mushrooming around the world, and the likes of Europe’s GDPR is beginning to hit steep fines on companies. And a big test for the market could come next year, when the California Consumer Privacy Act kicks in. It could go some way into establishing a dominant cyber liability theory that, in Laux’s view, still does not exist today. &

Rodrigo Amaral is a freelance writer specializing in Latin American and European risk management and insurance markets. He can be reached at [email protected].

How a Carrier Partner Can Help Navigate a Challenging Management and Professional Liability Market

A combination of a choppy economy with increased claims frequency and severity could lead to rate increases in the Management & Professional Liability market.

By: Risk & Insurance | April 3, 2024

Rates in the management & professional liability (M&PL) markets were on the rise from 2020 to early 2023 and are now falling rapidly.

M&PL divisions manage a number of different insurance products including management liability (D&O), professional liability (E&O), employment practices liability (EPL), fiduciary liability policies, cyber, etc. In 2023 and into 2024, a big influence on the marketplace has been the extremely aggressive and softening public company D&O market.

Though these rates have been softening for management liability, that may change over the next few years as companies continue to adjust their business models motivated by economic uncertainty. Layoffs were up nearly 200% last year, Forbes reported, even as other recession indicators, like the inflation rate, improved. A recession could lead to an increased claim activity and force carriers to raise rates.

“Whenever there is a meaningful downturn in the economy, we tend to see claim frequency pop up,” said George Schalick, Jr., senior vice president of the Management and Professional Liability Division at Philadelphia Insurance Companies (PHLY).

With continued fiscal uncertainty, businesses potentially already burdened with pandemic-related claims should seek a carrier with a long history in M&PL products. They will provide much-needed risk management guidance and be better positioned to support their insureds during market fluctuations.

Why Insureds Might See an Uptick in M&PL Claims

George Schalick, Jr., Senior Vice President of the Management and Professional Liability Division, Philadelphia Insurance Companies

The current soft market might come as a bit of a surprise as it does not track with previous underwriting cycles and economic conditions. Afterall, many privately held and non-profit organizations struggled during the early days of the pandemic with shutdowns and rapidly declining revenues. But the Government assistance programs, like the Paycheck Protection Program loans, helped keep many afloat during the tough times.

“During COVID many organizations stopped doing business until they were able to sort out all of the health and safety challenges,” Schalick said. “They were forced to lock down, but then all the government assistance programs allowed them to keep people employed. The increased volume of claims we anticipated we would see coming from the lockdowns and restrictions that were imposed upon businesses in the U.S. didn’t manifest at first.”

“Just because there wasn’t an onslaught of reported claims at the beginning of the pandemic, doesn’t mean the circumstances that would give rise to a claim being reported didn’t occur. Courts and the judicial system were closed or slowed and now that they are back open, we’re starting to see the circumstances that occurred during the COVID lockdowns becoming claims today,” Schalick said. “Litigation is progressing.”

Added to the delayed pandemic litigation is a concern over newer claims that might be filed as the country inches toward an economic downturn. Though a recession was avoided in 2023, experts think a soft dip could occur in 2024, with 76% of economists saying there’s a 50% or less chance of an economic downturn this year — that almost always results in more management liability claims.

“During the Great Recession in 2008, we saw an almost immediate spike in claims because of the economic conditions and the pressure it placed on organizations. They were making personnel changes with significant belt tightening almost immediately.” Schalick said.

What’s in Store for M&PL Policy Rates in 2024?

Despite an uptick in claims and increased economic uncertainty, management liability rates haven’t increased, resulting in market-wide pricing levels that may not meet the increased pressure of rising settlements and jury verdicts.

“Rates are going the other direction and settlement values are not falling,” Schalick said.

The mismatch between rates, claim frequency and severity is, in part, because carriers experiencing the dramatic soft market in the public D&O market are seeking premium gain in the private and non-profit market.

“In the public company market, the rates have been decreasing significantly. The rates were increasing in the private, not-for-profit market, and rightfully so, but there’s a desire to supplement overall mid-size D&O for carriers who also write private not-for-profit, and they see that as an opportunity to aggregate premium,” Schalick said. “So the always competitive landscape in the private, not-for-profit market has dramatically increased in the last 18 to 24 months.”

Still, companies of all sizes and types should be concerned about management liability rates in the future. Legal system abuse is resulting in increases in both the amount of litigation and the size of verdicts plaintiffs are receiving.

Certain areas of the country are particularly vulnerable to this type of legal system abuse. As a result, insureds in these localities are likely to be vulnerable to rate increases.

“The environment is so positive for the plaintiff that forces premium increases so carriers are able to stay in that market long term,” Schalick said.

Why a Tenured Carrier Partner Can Help Insureds Navigate An Uncertain Market

It’s clear that insureds are facing an uncertain M&PL market over the next few years. Fortunately, carriers with a long history in the M&PL space will be there to offer stability.

Philadelphia Insurance Companies has been supporting this market for 35 years. PHLY is committed to offering long-term rate stability, even as economic and claims trends start to push premiums upwards. They have an appetite for all sorts of companies, large and small, for-profit and nonprofit alike.

“We’ve been at this game for a long time and are one of the most tenured underwriters in this space,” Schalick said. “We like to stay very consistent.”

PHLY has worked with both for-profit and non-profit on management liability policies. With dedicated M&PL teams throughout the company’s 13 regions, PHLY provides the support agents and brokers are looking for on behalf of their clients. The teams know their regions well and can respond to local trends. They’re also dedicated to making the renewal process as easy as possible for their partners and policyholders.

“We have real confidence in our results, so we focus a lot on making the renewal experience as painless as possible for all agents and insureds,” Schalick said.

The company is also investing in tools to help insureds avoid losses. Earlier this year, they launched a new online risk management platform, PHLYGateway, which offers resources for insureds on how to create an employee handbook and trainings on issues such as recognizing workplace sexual harassment and discrimination.

If insureds have questions, they can consult a Best Practices Help Line, provided via the platform. That way, they can get on the spot risk management guidance to help them prevent claims.

To learn more, visit: https://www.phly.com/mplDivision/managementLiability/default.aspx.

This article was produced by the R&I Brand Studio, a unit of the advertising department of Risk & Insurance, in collaboration with Philadelphia Insurance Companies. The editorial staff of Risk & Insurance had no role in its preparation.