The beginning of a new year provides a good opportunity to reflect on changes over the past 12 months and predict what awaits in the next. Since we can see a distant end to this difficult period, it is time to imagine the future of the world.
In a recent Accenture Consumer Survey, we found that 67% of consumers expect companies to "build back better" from the recent crisis. by investing in long-term, sustainable digital solutions. More than half of the employees who have never worked from home before want to do it more often in the future. In addition, nowhere, speed and adoption of digital solutions have occurred faster than in small businesses that have been able to survive and thrive in 2020.
But with these new digital features come new risks. Digital protection will be just as important if not more important than physical. To understand what these risks mean for the cyber insurance market, we partnered with CyberCube, a leader in cyber insurance analysis, to look at the market.
The transition to digital solutions most recently as a result of the pandemic has been well documented. The dramatic transition to working from home has fundamentally changed the way we think about our work environment. The effect of this change on the cyber risk landscape has been multifaceted. In addition to existing trends such as the ongoing explosion of ransomware and the increase in remote workforce management, 2020 was punctuated by a number of major events in the world of cyber-risk, including the Twitter intrusion, the Magento hack and the Solarwinds hack near the end of the year, which may be the most important. By all. (More on this later.)
Since the world of cyber insurance is at the intersection of insurance and cyber security, it is important for insurers in this space to be forward-looking, especially since the risk landscape can change so rapidly. With this in mind, Accenture and CyberCube worked together to highlight trends and predictions to keep an eye on after 2021
1. A hardening market
The hardening market in the entire insurance industry gained momentum during the second half of 2020. The dust is still settling during the renewal season on 1 January, but it is clear that in the cyber (re) insurance market there are interest rate increases and tightening of capacity and conditions. The effect inevitably varies between different segments, where the companies that have suffered losses have been particularly negatively affected. The loss history of recent years has shown that high excess layers are no longer perceived as outside the burn layer in large programs, so capacity has shrunk for this segment, forcing many more participants to come close to the required limits, often to a large extent
rising prices, there have been some cyberspecific market trends that are likely to accelerate rapidly in 2021. Limitations in coverage, sub-limits in conditions or even exceptions to certain hazards (especially in light of ongoing ransomware problems) may make it more difficult for brokers to place certain risks. There has even been talk of exclusions related to specific events, such as the SolarWinds hack.
A silver lining of the hardening conditions is that companies that show a strong culture of proactive risk management and effective cyber security controls in a holistic way the recipients of relatively better conditions from the market. There is an increasing difference between the companies that consistently perform well and those that are behind the curve. Underwriters are more picky than ever when it comes to choosing risks, with more data at their disposal to identify best practices in cyber hygiene. Security signals can measure cyber maturity indicators and reward companies that demonstrate strong cyber security practices.
2. Price convergence
As the cyber market has matured, actuaries have been assigned to review portfolios with increasing focus. As individual insurers and teams have moved between different market players, there has also been a reduction in the previous volatility in price variation. A growing consensus has emerged about the most dangerous and best-in-class risks, with matching pricing. In previous years, there have been significant price differences for the same risk – sometimes in order of magnitude. In 2021, as a whole, there will be an increased market consensus on what is appropriate pricing for a particular risk. The competition will continue to be strong, with an increased focus on policy language, end-to-end risk management services (both pre- and post-loss services) and experience in claims settlement.
3. Technology transformation
Technology connected to the internet and networks will continue to expand dramatically along with associated risks. Hyperconnectivity for 5G networks will become commonplace in 2021, enabling much faster and more reliable data and malware transfer. This will mark the end of the "network perimeter" as usual, making corporate networks more difficult to defend. The Internet of Things will also increase its presence with extensive use of both consumer applications and expanded industrial use. The ongoing transition to cloud processing will strengthen our dependence on a small number of critical platforms in space.
4. Growth in attack vectors
The SolarWinds attack at the end of 2020 illustrated what is at stake in cybersecurity. It showed the potential consequences of nasty state-sponsored hackers with up to 18,000 companies affected by this malicious software update, including several US authorities. This attack revealed the interconnection of technology and dependence on a small number of critical vendors. So far, it seems that the motivation was espionage rather than criminal, and although the financial consequences of this event are still unclear, it has provided a window into what is to come. The attack surface continues to increase dramatically, and this trend will accelerate in 2021. This will highlight vulnerabilities in supply chains, the ubiquitous software used in several industries. As always, the weakest point in any network will prove the entry of automated attacks.
Focus on accumulation
It was not so long ago that the need to manage potential accumulation risk in the cyber insurance market was considered a luxury or an academic pastime for the curious. In the last three years, there have been several incidents that have emphasized that the issue is no longer a theoretical possibility – it is an urgent problem. Regulatory focus from PRA, Lloyd & # 39 ;s and others has also increased in the recent past. In 2021, it will be widely acknowledged that a rigorous and structured strategy for managing cyber-risk accumulation is a prerequisite and a necessity for operators. Fledgling deterministic insurance models will be supplemented and / or replaced with additional data sources and modeling features to provide greater insight into different portfolios. A better understanding of the potential accumulation points enables a more proactive strategy for managing and improving the efficiency of capital management. This will allow for increased diversification and resilience to withstand potential accumulation events. The role of insurance companies
Insurance companies need to adapt to the fast-growing digital world by not only selling more cyber insurance or charging more for it, but through
As we see it, transport companies in 2021 must focus on three main things:
- Review its core insurance methods and look for methods to complement existing analysis with new data sources and insights to drive better risk assessment against current and emerging threats.
- Build risk management functions for companies that support cyber industries. Cyber risk insurance has become increasingly complex and traditional diversity in industry or region does not offer protection against cyber threat CAT vectors.
- Develop more active risk protection. Cyber threats, such as those that occur in the event of major real estate and liability events, can benefit from solutions that work with customers to reduce risks. Explore internal or vendor-based solutions to support your customers with services that can reduce their exposure to cyber risks.
Although this list is not exhaustive, and the nature of the insurance means that we will no doubt deal with unexpected or left-wing events, an awareness of these important trends will help us in the coming year.