A. Introduction:
‘CYBER’ is a term derived from ‘CYBERNETICS’ which means comparative study of automatic communications and control of functions of living bodies and in mechanical electronic systems such as in computers.
Cyber Risk Management is evolving as a specialized science which does research on volatile issues arising out of revolutions in all Information Technologies. Computer Programming, Artificial Intelligence, Computer Virus and Voluminous and valuable data of business houses can be damaged, disrupted and lost in events of Cyber Crimes of Hackers. No business is safe from determined Hackers who use their skill for extortions. Ransomware, Wannaeryand Petrawrap outbreaks have been known to cause ‘Crippling Disruptions’ which can be inflicted across all sectors of all industries!
Men have invented sophisticated Revolutionary Information Technologies which enslave men to-day with unprecedented dependence on Electronic Mechanisms. Large scale disruptions are caused by these Cyber Risks.
It is a serious challenge to Insurance and Reinsurance Underwriters: UNDERWRITE CYBER RISKS ONLY AFTER FULLY UNDERSTANDING CYBER RISKS. Risk Management of all kinds of Cyber Risks is the main thrust in specialized Cyber Risk Management not by ‘Trial and Error’ but by ‘Trust and Advanced Technologies’.
Cyber Terrorism is another area where newer challenges are to be faced.
Various types of Cyber Risks with special characteristics of newer kinds of claims need to be surveyed and handled in absolutely untraditional ways by all concerned – insurers, reinsurers, surveyors, brokers etc.
Again Rating Technologies of Insurable Cyber Risks are to be evolved in the light of past events of losses, kinds of exposures and little awareness of Insureds – Insurers – Reinsurers and Brokers.
Cyber Risks Scenario is emerging since 2011-12 and real impact is being felt since 2014.
We have to look through contemporary historical advancements in IT Technologies and Cyber Risks.
B. Complexities in Handling Cyber Risks:
The scope of possible losses from Cyber Risks includes NDBI Non-physical Damage Business Interruption.
This type of insured risk is detached fully form asset related property risk. The cover protects earnings even when there are events of ‘Electricity Blackouts’, Digitalization etc. Data is turning into a critical asset and such events cause significant economic damages to business. Cyber Risk can trigger events for NDBI. – Non-physical Damage Business Interruption. First and Third Party NDBI loss events caused by Cyber Risks have a broad base. In 2016 Swiss Re/ IBM conducted a survey of companies impacted by Cyber risk landscape covering incidences of 2014-2015-2016. The median cost of $ 200,000 of a data breach event with significantly higher aggregates of losses. Knowledge of the full range and size of Cyber Risks is still in its ‘infancy stage’. Size of Cyber Risks and reliability of incident data are not easy to generate ‘Actuarial Estimates’.
Insurers also worry that the aggregation of Cyber Risks in an event of loss may result in billions of US$ and modelling occurrences is for more difficult even there can be threats to solvencies of Business Houses.
The main challenges in insuring Cyber Risks are…
i. Uncertainty about frequencies and severities of losses.
ii. Potential correlations of various Cyber Risks.
iii. Cyber Crimes and Cyber Terrorism.
iv. Malicious intents behind coordinated attacks like Ransomware
v. Constantly changing threats from untreatable perpetrators of crimes.
vi. Many business houses using most sophisticated IT Technologies are not well prepared to deal with Cyber Risks and loss events to quantify volumes of Cyber Event losses.
vii. Historical Data of Cyber Loss Events is to be built up for evolving Risk Modelling.
viii. Business Houses and Insurance Industry leaders have to make gross investments in security technologies.
ix. First line of defense against Cyber Threats of concerned Business houses means Comprehensive Risk Management practices to be handled jointly by Insured, Insurer, Reinsurers and Brokers.
x. It is very important that for better understanding of Cyber Risk Data base must be built from all angles. Insurers should closely study various problems and prospects of clients in dealing with Insurability of Cyber Risks.
xi. Insurance of Cyber Risks must help to build RESILIENCE OF BUSINESS HOUSES in an Interconnected world of It Technologies.
xii. Even information given by clients can be incomplete and ambiguous.
ALL VISUALIZE THAT THE FUTURE OF INDUSTRY IS IN FACING CHALLENGES OF ‘CYBER RISKS’. THE GROWTH IN THE DEMAND FOR CYBER COVER WILL BE QUITE RAPID WITH GREATER PENETRATIONS LOCALLY WITHIN MARKETS AS WELL AS GLOBALLY.
Underwriters have to closely understand requirements of Corporate Clients, analyses their board room decisions and invent cyber Risk solutions! ‘UNDERWRITE CYBER RISK AFTER FULLY UNDERSTANDING CYBER RISKS’. Risk Management of Cyber Risk is to be the main area of thrust.
Everyone has to find a way or make a new one to write, underwrite and reinsure Cyber Risks to satisfy demands of clients both small and big corporate firms.
The traditional competitions in soft-market conditions, increasing frequencies and severities of all Natural Catastrophes and increasing volatility of investment environment are all akin to a perfect storm in the face of disruptions caused by Cyber Risk.
Perhaps ‘Cyber Terrorism’ can be covered only on by the creation of Market Pool and other Cyber Risks can be covered by specialized Insurance Products.
Rating Technologies must be evolved and Transfer of Rating Technologies to be achieved by a Global Co-operation of Reinsurers and Insurers and (Re) Insurance Brokers.
C. Growing Cyber Insurance Market:
Real evolution of Cyber Insurance Market has been from 2014 onwards. However, since 2011 Cyber Liability Insurances with small limits have their beginnings since 2011.
The Cyber Risk landscape is changing very fast and Insured business houses as well as Insurers, Reinsurers and (Re)insurance Brokers have to keep pace with fast changing Technological Developments. Technological Revolution is closely linked with (Re)insurance Market Evolutions.
First Party losses result from Cyber incidents which include forensic Investigation costs to determine cause, notifying consumers and campaigns for public awareness.
Third Party losses relate to costs of Private litigations or firms and fees.
According to Lloyds CEO Cyber Attacks cost companies around US$ 400 BLNS every year! – SIGMA Report 1/2017
Cyber Risks are evolving continually. The dynamic nature of Cyber Risks is due mainly to rapidly growing Digital Transformation, ‘Widening Resources’ and vulnerability from hyper-connectivity. The entire process of Cyber Risks evolution is full of newer types of Threats and Opportunities. Cyber Risks structures are rapidly changing and are becoming complicated.
Firms may underestimate the complexity that is created by digital technology. This is absolutely and Reinsurance Markets.
Growing Cyber Risk Market is impacted by newer technologies, rapid digitalization with global interconnectivity.
Standalone Cyber Insurance is growing in US Market as well as in U.K. / Europe. The Cyber Insurance Market is concentrated. Main players are AIG, Chubb and XL Group. 45% of Global Cyber Premium is in U.S.A.
Worldwide Cyber Risk Premiums Approximate Projections (2015-25)
Figures in US Dollar Billions
Sr.No. | Market Participants | 2015 | 2020 | 2025 |
---|
1 | Allianz | 2.50 | 7.00 | 20.00 |
2 | AON | 2.00 | 10.00 | TBA |
3 | PWC | 3.00 | 7.50 | TBA |
4 | Advisen | 2.50 | 5.00 | TBA |
5 | ABI | 2.00 | 10.00 | TBA |
Total | 12.00 | 39.50 | 20.00 |
Cyber Policy Capacity Limits from US$ 5 MLNS to 100 MLNS.
Source: SIGMA Report 1/2017
D. Conclusion
Cyber Risks Insurances are needed by industries Insureds are ready to share information on Cyber Risks and are willing to increase their resilience in events of Cyber Attacks like Ransomware.
Main Industries interested in Cyber Risk Insurances:
Electronics, Media, Health Care, Transportation, Banking, Telecom Infrastructures, Pharma – N- Biotech, Chemical – N- Petrol and Manufacturers of Consumer Products, Industrial Products, Auto Manufacturing, Professional services, Retail, Utilities, Hotels etc.
Cyber Insurance can be better managed by Captive Insurance Market locations like Bermuda.
It remains to be seen if Financial Reinsurance Products of ART Technologies can be utilized for Cyber Risks Reinsurances.
The future of Cyber Risk Insurance and Reinsurance will be fully dependent on rapid growth of Newer Technologies, Automation, Software Data with larger volumes and enormous values of assets.
CYBER TERRORISM related to Cyber Crimes can be better covered by Market Pools and uniformly adequate ratings. Reinsurance of Market Pools will be also becoming more effective alternative to competition among Cyber Risk Insurers.
Dr. Joachim Wenning, Chairman of the Board of Management at Munich Re has spoken words of wisdom in Reinsurance with deep insight and intuition of a Global Reinsurer at Baden Baden on 23.10.2017. Conclusion of this topic is best expressed by him.
“Cyber has become highly relevant currently and will be in future it is more complex risk and carries more accumulation risk……”
Looking at the future he said that change has arrived and that the industry could learn from other industries who have undergone technology driven changes.
“Digital ingredients will be data and technology. These ingredients will be the same for our industry. They will allow better risk assessment, they will sophisticate the front end and the way we interface with customers….”
“Those who are good at it will take a bigger share, even if the pie does not grow. We need to look at how other industries are, have or will transform. They are transforming and they couldn’t care less about how our industry is transforming…….”
“How do we profit going formed? By simplifying and speeding up for the benefit of our customers…….”
“We have to earn the ability to profit from these opportunities and will not do that without transforming our industry.”
He said that our industry has to transform the way it operates in order to access rapidly changing Business Eco-Systems and to offer “Systematic Solutions”.