Rating Agency Sees Cyber-Insurance Market Remaining Hard Long-Term

Increasingly complex cyber attacks, the rise of remote working, and the growth of cryptocurrencies are among the factors likely to result in a hard cyber-insurance market for some time to come, according to A.M. Best.

In a new Best's Market Segment Report, "U.S. Cyber: The Hardest of the Property/Casualty Markets," the rating agency said growth in the US cyber-liability market far outpaced that of the overall property-casualty insurance market in 2021. But a 16 percent increase in claims with just a modest reduction in the loss ratio despite significant rate increases highlights challenges still confronting the cyber-insurance market, Best said.

Some cyber-insurance growth is being driven by the overall hardening of commercial insurance prices as a result of inflation fears and a weakening investment market, Best said. The switch to remote work during the COVID-19 pandemic increased awareness of the need for cyber protection, the rating agency said, while the rise of difficult-to-trace cryptocurrencies has made ransomware more attractive for cyber criminals, further increasing the need for cyber insurance.

"Cyber crime generated significant headlines throughout 2021," Christopher Graham, senior industry analyst at A.M. Best, said in a statement. "These attacks underscore the urgency of addressing cyber threats, which require brokers, underwriters, managing general agents, and customers to work together, along with some legislative and regulatory involvement. The rising frequency and severity of ransomware attacks suggest that insurers need to be more proactive."

Standalone cyber insurance direct premiums grew 95 percent in 2021, Best said, exceeding the 2020 total for standalone and packaged cyber policies combined.

With cyber attacks becoming more complex, Best said it expects the cyber market to remain hard for some time. "The hardening market and a lack of capacity also has made captives an attractive risk management option for corporations," the Best statement said. "Cyber-risk modeling also is improving as more data becomes available; however, these are not anywhere close in maturity to natural catastrophe models."