U.S. Cyber Insurance Profits Strong, But Premium Growth Stagnates

Despite robust underwriting profits, U.S. cyber insurance market faces stagnation in premium volume due to pricing pressure and evolving cyber risk landscape, according to Fitch Ratings.
By: | April 17, 2024
Topics: Cyber | News

The U.S. cyber insurance market saw robust underwriting profits for the second consecutive year in 2023, but written premium volume stagnated due to renewed pricing pressure, according to a report by Fitch Ratings.

The report indicates that despite two underperforming years in 2020 and 2021, the direct incurred loss and defense and cost containment (DCC) expense ratio for standalone cyber coverage remained relatively steady at 44% in 2023, compared to 43% in 2022. This ratio has averaged a profitable 48% over the nine years that cyber supplemental data has been available.

These favorable cyber underwriting results are partly attributed to prior large increases in premium rates and insurers’ increased vigilance in cyber risk selection and underwriting. Insurers are now demanding that customers maintain proper cyber hygiene and risk management practices before agreeing to insure them, and are tightening policy language to more strictly define terms.

However, U.S. statutory direct written premiums for cyber coverage in standalone and package policies declined in 2023 for the first time on record, down 2%. This is a sharp departure from market growth of approximately 200% from year-end 2020 to year-end 2022. This decline occurred despite continued growth in demand for coverage and carriers’ eagerness to expand their cyber underwriting portfolios amid weaker pricing trends.

The report further highlights that the current underwriting profitability at these levels is unsustainable as cyber insurance pricing is likely to remain flat or decrease going forward.

Fitch noted that the Council of Insurance Agents & Brokers’ quarterly Commercial Property/Casualty Market Survey shows that pricing has significantly moderated in 2023, following rapid rate increases throughout 2021 and 2022.

Insurers are also struggling with the challenge of maintaining underwriting discipline as market competition intensifies and the claims environment continues to evolve due to technological change.

The risk of cyber loss is further heightened by the expansion of regulatory and compliance requirements, including recent U.S. Securities and Exchange Commission rules requiring cyber risk management disclosures for public companies. The SEC requirement increases the potential for litigation risks and substantial fines and penalties for not properly disclosing data breaches.

Fitch concludes by stating that catastrophe exposure from cyber risks is a significant source of uncertainty in terms of the nature, likelihood, and cost of the most severe cyber event. Despite considerable resources being expended by carriers and risk modeling firms to measure risk aggregations and probable maximum losses from larger cyber events, these tools remain less advanced than natural catastrophe risk models that have been refined over the last 30 years.

To view the report, visit the Fitch website. &

The R&I Editorial Team can be reached at [email protected].

More from Risk & Insurance