Cyber capacity rising amid strong risk focus: WTW

New cyber capacity has entered the market and more is likely to follow, but premiums are still surging in some circumstances, a WTW report on the Australia and New Zealand market says.

Trading conditions have stabilised for perceived strong risks, “vanilla industry profiles” and on excess lines, while policy coverage remains under very careful review.

“Technical adequacy remains a dominant driving force in rate increases, however where insurers perceive that this was achieved last renewal cycle, we are seeing low rate increases with some even achieving roll over pricing,” the cyber insurance market update says.

“However, where there is underperformance in rate or risk controls, increases can still be substantial and upwards of 75%.”

Insures remain focused on self-insured retentions, but for an increasing percentage of recent account renewals levels were seen to be adequate.

WTW says the majority of new capacity is tied to Lloyd’s coverholders, while some additional direct capacity is also being seen in the local market for excess layer placements.

Insurers remain cautious where clients could be at risk from the Russia/Ukraine crisis, particularly in the case of telecommunication organisations, financial institutions and national critical infrastructure.

The issues are also being influenced by regulatory changes including Security of Critical Infrastructure reforms, the roll-out of Consumer Data Rights and New Zealand’s The Privacy Act 2020.

Many insurers quickly reviewed contract language relating to war and terrorism exclusions following the war in Ukraine and are mindful that cyber attacks have become a modern warfare tactic.

Insurers continue to utilise ransomware co-insurance or sub-limits where they aren’t satisfied that a client’s security meets minimum standards, while views on required minimum controls are increasingly varied and flexible, WTW says.

“Articulating the complete story in relation to how an organisation assesses and manages its crucial exposures is a key step in obtaining good coverage outcomes in the market,” the report says.

“This is particularly the case for perceived difficult industries or organisations with complex risk profiles and immature cyber risk posture.”

Ransomware statistics from two vendors showed an 82% increase in ransomware data leaks last year compared to 2020. Nearly 80% of cyber attacks leverage identity-based attacks to compromise legitimate credentials and use techniques like lateral movement within the network to quickly evade detection.