Cyber events and stock market performance – are they connected?

Cyber events and stock market performance – are they connected?

Cyber events and stock market performance – are they connected? | Insurance Business America

Cyber

Cyber events and stock market performance – are they connected?

Study dives into past two decades’ major cyber events to see any possible correlations

A new report focused on the cyber (re)insurance market, addressing concerns raised by ILS investors regarding the potential correlation between significant cyber events, stock market performance, and their impact on financial market asset exposures, has been released by Guy Carpenter.

Scrutinizing extensive industry and academic research, the study went on to establish that there is no clear link between observable historical cyber events and stock market downturns.

“Random noise in the market”

The study examines 14 major cyber events that occurred between January 1, 2000, and the present day, categorizing them into four distinct types:


Mass breach or vulnerability events, including Solarwinds and NotPetya
Mass service outages, exemplified by the 2011 Amazon Web Services and the 2016 Dyn DDoS attacks
Critical infrastructure compromises, such as the Colonial Pipeline and Saudi Aramco incidents
Financial market compromises, encompassing the 2010 Nasdaq breaches and the recent ION ransomware attack

To assess the potential adverse impact of a cyber event on the S&P 500, the research team also conducted a statistical analysis, examining the distribution of market returns immediately and shortly after the 14 historical events. The analysis concluded that none of these events had a significant impact on the distribution of market returns, with all falling “within the random noise in the market.”

Additionally, the report evaluates the events in comparison to the Chicago Board of Exchange (CBOE) Volatility Index (VIX), which measures expected volatility over the next 30 days. The study finds that none of the 14 events “led to meaningful rises or shifts in the VIX.”

See also  Hurricane Beryl update – the "new normal", ILS developments and loss estimates

Furthermore, the report draws a parallel between the impacts of cyber events and natural catastrophes on the S&P 500’s average 30-day performance. It notes that the market effect of both categories was “very similar to that of major hurricanes,” primarily causing significant one-time losses without inducing strategic changes in economic activity or investment.

“Our analysis demonstrates the lack of statistical correlation between widespread cyber events and stock market performance. The study also highlights that unlike natural catastrophe risks, the probability and impact of cyber-related risks can be mitigated with human intervention and AI-based cyber management tools, such as identifying and patching exploitable vulnerabilities in a timely manner. Cyber market participants can leverage our research findings to make informed decisions about their cyber strategy and attract new capital to support the sustainable growth of this insurance industry segment,” Guy Carpenter North American cyber analytics lead Jess Fung (pictured left) said.

Zain Awan (pictured right), international cyber ILS lead at Guy Carpenter, added that with the appropriate risk transfer structures, clear agreements on covered scenarios/events in cyber catastrophe transactions, and robust risk modeling, cedents and investors can be better positioned to engage and trade cyber risk exposures with confidence.

What are your thoughts on this story? Please feel free to share your comments below.

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!