Not addressing ‘silent cyber’ could lead to ratings downgrades, Fitch warns

Not addressing ‘silent cyber’ could lead to ratings downgrades, Fitch warns.

The margin for error in cyber insurance underwriting and pricing is slimmer than in other product lines and insurers in the sector may find themselves facing ratings downgrades if they do not maintain discipline, warned Fitch Ratings in a recent report.

The standalone cyber market is estimated at $2.5 billion to $3.5 billion, with rapid growth expected. However, Fitch wrote that “substantial” cyber risk resides beyond the standalone market, via unintended inclusion in traditional commercial insurance policies, known as “silent cyber.” The potential for a major cyber loss event while the exposure remains unmeasured creates serious uncertainty, as does the expansion into the standalone cyber market by less experienced underwriters.

“Cyber insurance is a profitable venture for early market entrants. While the market is poised for considerable premium growth in the next few years, signs of competitive forces eroding profit opportunities may transpire in cyber earlier than past emerging product segments,” commented Fitch analysts in the report. “Over the near term, Fitch views cyber underwriting as a risk that may exert downward pressure on some non-life insurer ratings if larger loss scenarios emerge. Ultimately, insurers that lack underwriting expertise, poorly manage cyber risk accumulations, or fail to recognize loss potential from silent cyber exposure within their traditional commercial insurance products are most vulnerable to ratings downgrades.”

Fitch acknowledged in its report that as awareness grows, silent cyber can likely be addressed and eliminated. In the short-term, though, as more insurers take advantage of this “rare growth market,” the problem persists.

“In the event of a large cyber disaster today, a major proportion of insured losses would be incurred within traditional policies,” said Fitch. “This silent cyber coverage exposure can create large risk aggregations and creates potential for differing interpretations of coverage. This ambiguity can, in turn, lead to more antagonistic settlement processes in the event of a cyber related loss.”

Fitch also highlighted primary insurers’ lack of consideration of cyber in reinsurance agreements as a concern and encouraged insurers and regulators to call for disclosure of standalone and silent cyber exposures to increase industry awareness of cyber risk management.

 

Rea the original report at Advisen.