GC’s Davis: Stepped-up cyber attacks keep industry on its toes

An influx of ransomware attacks and an increase in privacy claims driven by data breaches have prompted the industry to reassess cyber risk controls as it looks to safeguard $14bn of global GWP, Guy Carpenter’s cyber practice co-lead Erica Davis has told The Insurer TV.

“There's been a re-evaluation of what good risk controls and sound risk mitigation look like in this new environment, and are what we deemed to be best-in-class controls truly sufficient, given the evolving risk landscape,” said Davis.

As a result of this heightened risk environment the cyber class has, on the whole, been experiencing strong pricing momentum – but price alone is not enough, and the industry has even begun to see this come off a bit in the US due to more players entering the market as capacity providers become more comfortable with the risk.

According to Davis, there is now a newly refined view of what adequate controls on cyber threats look like, which could result in opportunity and growth, with reinsurance playing a critical role.

“About 40 to 50 percent of the overall [cyber] risk is ceded to the reinsurance market. That is higher than more mature lines of business and I think innately cyber risk feels a bit more ‘catty’, a bit more volatile, and so our cedants are really looking for long-term partnerships on the reinsurance side,” she said.

Thanks in part to heightened scrutiny around data and transparency around cyber threats, Davis is seeing a stepped-up interest in cyber and more capital has been coming in.

“It has been a favorable trade throughout 2023. With all of that being said, as the market matures, our clients are looking at how to drive better efficiencies in the market, making sure that we're always innovating, looking at fresh new structures, in order to bring continued capital into the space,” she added.

Not just improved data, but also better modeling has also swelled confidence and increased credibility over the past few years – this is also helping to attract new capital.

The newer models have outputs that are less divergent than they once were, but they’re still not lining up 100 percent. This has led Davis’s cyber team to institute a multi-model approach.

“From a cat-modeled view, we're finding it very important as we engage with clients to conduct scenario comparisons, cat load comparisons, as well as taking a very deep dive into the non-catastrophic performance.

“And our clients are really bifurcating out their view of risk, based on non-cat and cat. That's true in the modeling. It's also true in the underwriting and the pricing of the risk,” said Davis.

As she looks ahead to 1.1, Davis is pensive but hopeful, anticipating an “orderly” renewal season.

“There is abundant capacity in the cyber market now; we are expecting there to be structural exploration conversations. It is really important to consider and to continue to challenge the way that we're purchasing cyber risk in the market,” said Davis.

One approach gaining momentum is the use of occurrence covers, which are bolstered by real-life scenarios her team has used to back-test event definitions. Additionally, Davis said more ILS bonds are being transacted, and she expects more to surface before year’s end.

“Overall, I think it will be a fairly smooth renewal season.”

Watch this 15-minute video to learn more about: