Specialty Podcast: End of 2023 - State of the Cyber Market
By Alliant Specialty
The 2022 cyber insurance market saw a temporary dip in rates due to global instability. However, ransomware attacks have surged in 2023, making it challenging for insurers to explain falling rates amidst rising claims. Join Meghan O’Malley and Bobby Horn, Alliant Cyber, for an insightful overview of the current state of the cyber market as well as predictions for 2024.
You are listening to the Alliant Specialty Podcast, dedicated to insurance and risk management solutions and trends shaping the market today.
Bobby Horn (00:08):
Welcome back everyone to another Alliant Specialty podcast. I am Bobby Horn from Alliant Cyber, and today I'm joined by my friend and co-leader within Alliant Cyber, Meghan O'Malley. Today we're going to be discussing the state of the cyber market with respect to pricing, retentions and key coverage considerations, and also what to be on the lookout for in the near and distant future. To kick us off, Meghan, why don't you tell us what you're seeing as far as changes in the marketplace, certainly from the last couple of years?
Meghan O’Malley (00:33):
Sure thing. Thanks, Bobby. I feel like our messaging in general, especially the last quarter, has been that our market has stabilized. We're seeing flat retentions pretty much across the board and really starting to see some premium relief. And I don't want to say it's a softening market because I don't think it is. I think our insureds who are getting really positive results and definitely far better results than they had the last few years, are the insureds who've put the effort in, who've put the work in to become better risks over the last couple of years. Those are the type of people that are seeing flat retentions and flat to even slight decreases in their premiums. However, that doesn't really go for every insured; it also doesn't go for every industry. I happen to think that the industrial industries, true industry, those who rely on operational technology - so we're talking oil and gas, utilities, manufacturing - I think they're probably still struggling. And a lot of that is led by a few carriers in those industries and those sectors that are driving increases across the board. They've just done standard increases from 15 to 20% across the board. But I do think otherwise the market really has stabilized when it comes to premium for the insureds who have done the work.
Bobby Horn (01:57):
Yeah, I think that's what I've seen as well on my book of business, where we have been able to secure decreases in some cases. I think that's really more just a function of - especially on larger towers where the excess rates are coming down more significantly than any sort of primary decreases - any decrease we're getting on the programs are really driven by increased limit factor coming down from a 90 or 95% rate down to something like 70, 75. And that's been what's driving the decrease that we're seeing. I think also to your point, it still comes down to whether the right controls are there. Because if they're not in place, we are still seeing some increases, just not to the level that we saw in 2021 and 2022. And also to your point, you mentioned with respect to the true industrial type risks, the oil and gas and manufacturing types, that operational technology exposures is a very real exposure. And I think we're seeing more and more carriers ask very specific question sets around what those controls look like from an OT perspective. So, while you may have everything buttoned up from your enterprise corporate level, are those same controls being implemented from an operational standpoint or are your networks segregated? Certainly, whether it's Beazley or Axis, having a separate set of supplemental questions with respect to that type of exposure.
Meghan O’Malley (03:12):
I think you're right about the excess; I think excess is where we've really seen some premium relief, but also, I've seen a lot of carriers who last year were only putting out $5 million lines wanting to put out $10 million lines. I've had an overabundance of capacity on some larger towers that are buying 60 to a hundred million. We've been oversubscribed and that hasn't happened in three or four years probably now. So, I do think that's a really good sign of where the insurers’ heads are because they're saying to us, we're seeing an increase in ransomware right now, and yet their appetite's grown. So, I do think it's something that we can be cautiously optimistic about.
Bobby Horn (03:55):
I think you're right. And it's very true. I've had to unfortunately bump incumbents off of programs where we had quota shares up the tower. We're now seeing carriers willing to put up tens. So, those quota shares aren't necessary. And unfortunately, it's a tough conversation to have with an underwriter, but at the same time, it's a great conversation to have with our clients. The market is flush with capacity at this point, and whether it's new capacity and companies like Bowhead or Vantage able to put up 10 million limits, it's resulting in great renewals for our clients. But you mentioned the cautiously optimistic attitude we have looking forward, and what we keep hearing and we've been hearing for months now, is that the amount of ransomware attacks is on the rise.
Bobby Horn (04:37):
I think everything I've been told from my conversations with underwriters is that 2022 was a bit of an anomaly in that a lot of displacement due to the Ukraine, Russian War, these threat actors didn't have a place to operate. But really since the beginning of the year, ransomware attacks are on the rise. So, it's kind of a weird conversation to have with our clients saying, rates are coming down, yet we also need to be aware that the carriers are still paying losses on ransomware because of the amount of attacks. I think according to several blog sites that I read through, the amount of ransomware attacks has gone up every single month. So, it's something we just need to be mindful of and just letting our clients know, I think we're in a good spot now for being in a buyer's market, but cautiously optimistic that we can maintain that. Anything different you've heard from your end as far as you know, what to look forward to for the next 12 months?
Meghan O’Malley (05:21):
Not really anything different. I think the interesting thing is, I'm hearing a few mixed messages from underwriters because of the points you just correctly made. The ransomware incidents are increasing, and so that is a concern to the underwriters. So, there are a few who are not prepared to call this a softening market at all. They're being very cautious about what to say for 2024. And then there's the others who say, we're seeing an increase in incidents, but a decrease in the cost of the incidents because of the fact that our insureds are better protected. They've better protected their backups, they've actually tested the restorations from their backups, and so they're not having to pay the ransomware as much as they used to. And so, I do feel there is some mixed messaging. Obviously, I think we can try to be optimistic and hope that we continue to see rates flatten out and maybe some slight decreases.
Meghan O’Malley (06:14):
But I do think one thing we need to be cautious of is a couple markets out there who are being really aggressive right now, and there are a handful of them who are being oddly aggressive, and I don't mean odd in a bad way, they're just being far more aggressive than some of the other standard insurers. And it's slightly worrying to me because I don't want suddenly six months from now when we have this litany of huge ransomware events that have occurred to have the market swing back up again. You know, I'd really like us to get to a point of proper stabilization where you're having some flexing in kind of that 10% up, 10% down range, but not these suddenly 75% down and 60% back up swing. So, it'd be great if we can veer more toward that stabilization point in the middle.
Bobby Horn (07:01):
I agree with you. And I think with respect to larger clients, I don't think we're going to see the swings as much as we did in the last two plus years. I think it's more on the SME type business where the premiums are still very aggressive or have gotten more aggressive. That sub hundred million, sub 250 million in revenue company where you can still get a million dollar policy for $5,000 or cheaper, I think that's where you're going to see more of the wild swings because one bad ransomware loss for a company that's paying $5k in premium, the insurer's never going to recoup that money. No matter how many $10,000 policies they charge for the next 10 years, that's gone. So, I think that's where we need to be more mindful of who are we placing coverage with. Is it with a stable market that's going to be here in the long run? I think this is a first in a series of podcasts that we're going to be releasing in honor of Cybersecurity Awareness Month for October. Some of the things we'll be talking about this month are some of the additional concerns around vendor risk management, operational technology controls and supply chain risk management. So, please stay tuned for further information along those lines.
Meghan O’Malley (08:01):
Yep. And as ever, thank you all for listening and for more information, please join us www.Alliant.com.
Alliant note and disclaimer: This document is designed to provide general information and guidance. Please note that prior to implementation your legal counsel should review all details or policy information. Alliant Insurance Services does not provide legal advice or legal opinions. If a legal opinion is needed, please seek the services of your own legal advisor or ask Alliant Insurance Services for a referral. This document is provided on an “as is” basis without any warranty of any kind. Alliant Insurance Services disclaims any liability for any loss or damage from reliance on this document.
Thanks for your message.
We’ll be in touch shortly.