According to a report by S&P Global Ratings, the cyberreinsurance protection gap presents an opportunity for investors in insurance securities (ILS), which have historically filled gaps where traditional capital has shrunk or is unavailable. .
“The demand for cyber risk protection is growing, but the capacity offered by the re/insurance sector is not growing at the same rate, leading to significant increases in policy rates and a protection gap,” the report said. report titled Cyber Risk in a New Era: The Future of Insurance-Related Securities in the Cyber Marketplace Looks Uncertain.
This protection gap could provide an opening for ILS investors to gain a foothold with cyber risks, the same way they did with natural disaster risks after Hurricane Andrew in 1992, the report says, noting however that cyber risks, to date, discourage more than one entice ILS investors.
Indeed, most investors have no appetite for cyber risk, which S&P attributes “to the substantial accumulation risk, the potential positive correlation between cyber attacks and financial markets, as well as the complexity and heterogeneity of cyber-risks”.
In addition, cyber modeling is still in its infancy and many years behind natural disaster modeling, S&P said, noting that as a result cyber modeling is less reliable.
The report indicates that natural catastrophe risks continue to dominate ILS, with natural catastrophe risks accounting for 94.03% of transactions; healthcare at 2.10%; operational risk at 1.21%; life intrinsic value at 1.08%; financial guarantee risks at 0.66%; extreme mortality at 0.58% and risk of terrorism at 0.34%. (S&P provided these figures which come from Artemis).
Risks of Cyber ILS Accumulation
Discussing the issue of accumulation risks for cyber ILS, S&P said non-assertive or silent cyber risk exposures already exist in ILS transactions, as cyber events can lead to claims in other business areas. activity, such as property and liability insurance.
About 90% of ILS fund managers are concerned about the potential for silent cyber exposure within their funds, S&P said, citing PCS, a Verisk business and disaster data provider.
“Because silent cyber claims can negatively impact other lines of insurance business, ILS funds exposed to operational or property risk are already bearing the costs of silent cyber risk,” the report continues. .
“Currently there are no affirmative (explicit) cyber disaster bonds or sidecars going on, but there have been some small cyber-related ILS transactions in the form of secured reinsurance from some of the ILS carriers based in Bermuda,” S&P said.
defined, cyber risk, to help them better understand the underlying risk and quantify their exposure to it.
S&P Global explains that ILS capital is invested in the insurance industry in a variety of ways, including catastrophe bonds; side-cars (structures allowing private investment in insurance risks); guaranteed reinsurance; and industry loss guarantees (ILW), which are reinsurance contracts that take effect when industry losses reach a certain level.
“The primary purpose of ILS capital is to assume (underwrite) risk where there are high concentrations of exposure to ensure that in the event of a major loss, the risk is not just shared between global reinsurance and their debt and equity investors, but also among investors in broader capital markets,” S&P said.
These products allow reinsurers to protect their income and capital against natural disasters, while investors can diversify their portfolios by investing in assets with low correlation to other financial markets, the report continues. “Historically, as long as prices were attractive, ILS capital filled the gaps where traditional capital had fallen back or was unavailable.”
How to Increase Investor Appetite
“One way to attract more ILS investors to the cyberinsurance space could be to offer simplified transactions with a single, clearly
ILS structures that focus on clearly defined cyber events would help separate cyber risk from property, S&P explained. While a clear separation would not directly address the problem of silent cybersecurity, it would “underscore the need for clear and robust cyber risk exclusions further down the re/insurance value chain to prevent silent cyber claims,” the report says. report.
“Furthermore, it could encourage clearer inclusions and exclusions of risks in cyberinsurance contracts, thereby improving transparency, potentially for ILS investors as well.”
Another way to incentivize ILS investors would be to “focus on simplified, positive cyber transactions with clear risk definitions and establish ILW [industry loss warranties] products that have a cyber industry loss index trigger,” the report explains. (See box in this article).
“This more conservative approach would help investors improve their understanding of cyber-tail risk. Having more entry points for investors and opportunities for re/insurers to transfer specific and clearly defined risks to the capital market could help support the cyberinsurance value chain.
The report can be accessed via the S&P website.
Interested in Internet?
Receive automatic alerts for this topic.