Significant Increase in Claims Losses Pressures Cyber-Insurer Profits
April 22, 2021
Property and casualty (P&C) insurers writing cyber-insurance coverage are facing increasing profit pressure as they report significantly higher claims losses in the segment for 2020 than in prior years, according to Fitch Ratings.
"Significant premium rate increases and tighter coverage terms are anticipated to foster a recovery in underwriting performance over the medium term," a Fitch statement said. "However, a higher propensity of cyber incidents, particularly ransomware attacks, are likely to hinder a near-term reversal of claims cost trends."
The rating agency notes that cyber-insurance direct written premium growth accelerated in 2020, with the momentum continuing into this year. Fitch estimated industry direct written premium for cyber insurance in both stand-alone and package policies increased by more than 22 percent in 2020 to approximately $2.7 billion.
Meanwhile, written premiums for stand-alone cyber coverage increased 29 percent for the year, reflecting increased demand for specific cyber protection and insurers' efforts to reduce ambiguity in coverage relative to cyber risks included in package policies, Fitch said.
"Demand is driven by the need for risk management expertise and insurance protection by firms of all sizes due to incidence of network intrusions, data theft, and ransomware incidents that have increased substantially in the last two years," Fitch said.
Fitch noted that while cyber insurance represents a modest portion of the P&C industry's and individual insurers' overall underwriting exposure, a large unforeseen event such as a massive cloud intrusion or an attack on infrastructure could result in substantial losses that could pressure insurers' capital levels and individual ratings.
"Limited historical claims and underwriting data also create significant challenges, especially for new underwriters entering the segment," Fitch said. "The direct loss ratio for standalone cyber rose sharply in 2020 to 73 percent, the highest level recorded in the six years that separate cyber data were included in financial reporting."
April 22, 2021