Cyber: understanding the opportunity
The problem with the modern world is that it gets more modern by the day. New technology replaces existing technology at a blistering pace—and that pace seems to be accelerating. As we enter the world of the Cloud, where it’s possible to use your iPad to turn on your iKettle, all of these new products share something. They can be hacked.
The re/insurance industry is viewing cyber threats with an increasing level of alarm, especially as the level of potential damage from cyber attacks has been spiralling ever upwards as more and more things become vulnerable—from computers to ships to power turbines to cars.
As a result, cyber insurance is a rapidly growing line of business—and one that is being carefully watched as it constantly evolves due to the growing scope of potential vulnerabilities.
But for some it’s also a potential opportunity—albeit one that comes with a pricetag attached in terms of challenges.
“Cyber is, relatively speaking, the new kid on the block when compared to other lines of business traditionally underwritten in the Bermuda market,” says Giles Harlow, vice president of professional risk solutions at Aon (Bermuda).
“For our clients a single peril approach would solve the current patchwork, often gap-ridden, cover they have today." Giles Harlow, Aon (Bermuda)
“It has received much press over the last two years, prompted by the fact that the number of Bermuda carriers writing this class on a direct basis increased from three to 10. It is helpful that this area is also one where rates are not seeing the significant ongoing rate pressures that are occurring on many other lines.
“This class of business grabbed a lot of attention with the markets about 24 months ago when large blocks of US capacity were pulled overnight by anxious carriers as a kneejerk reaction to several high profile losses in the retail space. The subsequent uptick in rate opened the door to conversations with many of the carriers.”
According to Harlow, Aon has invested in this space in an effort to try to manage the potential financial impact of a cyber event on its clients.
“Our retail broking platform headcount increased twofold over the last 12 months and we have invested in building out our London team as well as launching Bermuda’s only dedicated cyber broking team. The focus on cyber is driven from the very top of our organisation and the support that Aon corporately provides to the broking teams has been phenomenal,” he says.
“It is excellent for large data holders—specifically in areas such as retail, financial institutions, hospitality and healthcare—and they are also our most regular purchasers. There is still scope outside of these industries but the limits required by other client sectors has been limited.”
According to Harlow, this buying pattern is due to the fact that cyber exposure, outside of data issues, is not being adequately addressed by policy contracts at present. Physical losses stemming from non-physical peril are covered by a multitude of policies in an ad hoc manner—not only within industry classes but differing by carrier policy.
A single peril
Harlow says what is needed is a solution whereby cyber exposure is treated as a single peril and all loss arising out of that peril is covered under one single, cohesive policy.
“For our clients a single peril approach would solve the current patchwork, often gap-ridden, cover they have today and would simultaneously allow carriers to better manage potential clash of limits and aggregation when a single ‘cyber event’ triggers loss under multiple policy contracts,” he explains.
“Aon is also exploring ways to help clients outside the direct marketplace and continues to invest significant internal resource incorporating our captive management team exploring future solutions.”
Another point needs to be addressed: cyber attacks are evolving almost at the same pace as technology itself. As a result hackers and other types of cyber criminals are getting increasingly active as the world continues to embrace technology ever more closely, according to Adrian Guttridge, executive director BPS, at Xchanging.
Guttridge points out that the increasing reach of the internet means that the number of potential entry points for hackers and others is also increasing.
“There seems to be a growing realisation that hackers were becoming more and more sophisticated—and that they are no longer just trying to hack accounts for information,” he says.
One area that he highlights as being potentially disruptive is so-called ransomware.
“Whereas before we’ve seen people break into systems and either steal data or steal money, what we’ve seen instead is people breaking into systems and then saying ‘if you don’t give us money we will damage your system’ or ‘we’ve been into your system and encrypted some data—if you want it unencrypted, pay us this ransom’. It’s holding computers to ransom.”
According to Guttridge, sources such as Intel have claimed that ransomware attacks have increased in the past year by up to 170 percent. He said that this increase in incidents could bring out a different type of cyber attacker, who isn’t stealing anything, but just holding a firm to ransom.
“A relevant question for companies to ask is if they have the controls in place to monitor their systems in such a way that if a ransomware demand comes in that company can know if it’s true or not—and if it’s a real claim, what can a company do about it?” he says.
“Are you willing to be held to ransom, and pay up? What if the hackers do it again the next day? How quickly can you close that loop? And is your insurer going to pay up? Are the cyber policies that the market is writing at the moment, going to cover ransomware as well?” he concludes.