The cyber insurance market is growing rapidly in response to a growing demand for protection, driven by an increasing severity and frequency in data breaches. This is according to rating agency Moody’s, which explained that cyber risk has become a focus for corporate boards, regulators and government officials.
Moody’s said that along with these policies, a number of insurers are offering valuable loss avoidance and risk mitigation services.
However, in the US, where it claimed there is the largest share of standalone cyber insurance policies in effect, the segment still remains a “niche market” within the commercial property and casualty (P&C) sector, explaining that it only generates a few billion dollars of premiums annually.
"The cyber insurance market has grown rapidly in the past two years in response to sharply heightened risk awareness, following widely publicised attacks on corporations, financial institutions and government agencies," said Alan Murray, senior vice president, Moody’s.
"Though cyber insurance remains a niche within the global P&C insurance market, we believe it has significant further growth potential."
Moody’s said cyber insurance has reported strong growth, at 25 percent to 35 percent in each of the past few years, with typical policy limits ranging from $5 million to $25 million per carrier, with much larger coverage towers available on a syndicated basis.
The firm views significant expansion by insurers into the cyber risk insurance market as credit negative, similar to expansion into other high risk/return product segments such as terrorism and fidelity/crime, as underwriters test the risk/return spectrum of the product.
However, it said that despite the strong further growth potential for cyber insurance, insurers have generally approached the market cautiously, often with the support of reinsurers. Additionally, there are significant challenges to sustained rapid expansion of the market, according to Moody's report.
"One of the challenges in underwriting cyber risk is the complexity of estimating clients' exposures and vulnerability," said Murray.
"The primary constraints include lack of standardised, credible data on frequency and severity loss and the fact that the same loss could affect multiple insured clients."
Source: Moody's, North America