Marsh, UK government and Lloyd’s pull together to maintain lead on cyber cover
The UK will continue to dominate the growing cyber insurance market, according to plans laid out in a new report by Marsh and the UK government.
StrategicRISK’s sister title GR finds that the report, UK Cyber Security, says cyber risk to businesses is growing, but that awareness and penetration are low and that cover is expensive compared to other liability risks.
To tackle these issues, the UK government wants to increase UK firms’ resilience to cyber attacks, including promoting the UK insurance sector’s ability to cover these risks.
The report has also been supported by Lloyd’s, which was represented on the report’s working group.
Lloyd’s chief executive Inga Beale says that the demand for cyber insurance cover is increasing but is still relatively low. London market insurers currently dominate the global cyber insurance market and Beale laid out her plans for London to maintain its position.
“London is already a major centre for cyber insurance,” she says. “Insurers write more than 10% of the global cyber insurance business from London, which represents about £160m (€224.37m) in premiums, with the majority of the flow into London coming from the US.
“The London market is well positioned to compete for large and complex risks and, over time, has provided innovative solutions for new threats. Cyber fits this description and, as such, should be a priority for the London market as it plays to its traditional strengths.”
The US is the country that buys most cyber insurance cover, driven by stringent reporting requirements, according to Mayer Brown insurance and reinsurance partner Ingrid Hobbs.
Future appetite for buying standalone cyber cover in Europe is likely to be driven by a proposed European Commission regulation that will require firms to report some cyber security breaches to a national authority.
Hobbs agreed that London is likely to continue to be the centre for cyber cover for some time to come.
“I would think for the next five to 10 years it will be very London-centred,” she says.
The reason is that insurers are still developing their products and getting to understand the risk, she added.
The report also acknowledged that pricing was an issue with cyber insurance cover.
It said: “The cost of cyber insurance relative to the limit purchased is typically three times the cost of cover for more established general liability risks, reflecting the possible exposure that insurers are taking on with cyber.”
To counter this, the report said that data pooling between insurers was important to help underwriters better understand their exposures and drive premium prices down. The UK government will set up a new forum with Lloyd’s and the Association of British Insurers to investigate data pooling between insurers, according to the report.
Marsh UK & Ireland chief executive Mark Weil says that potential cyber insurance buyers would need a cultural change to ensure they were properly protected.
“Companies will need to upgrade their risk management substantially to cope with the growing threat of cyber attack, including introducing disciplines such as stress-testing, and creating a joined-up recovery plan that brings together financial, operational, and reputational responses,” Weil says.
In the report, cabinet office minister Francis Maude says: “Cyber security is not just a question of threats – it also represents an opportunity for the UK. The UK has world-leading cyber security expertise and cyber security services.
“The UK insurance sector is already a world leader. With innovative ideas, like including Cyber Essentials certification as part of insurance cyber risk assessments for small-to medium-sized enterprises, the sector is demonstrating that the UK is the natural home for a growing global cyber insurance market.”