COLORADO SPRINGS, Colorado – An increase in the number and size of ransomware losses since the end of 2019 changes some insurance companies' appetite for cyber-liability insurance business and continues to lead to sharp interest rate hikes for coverage.
Insurance companies are limiting capacity and expect interest rate increases to continue in 2022, despite the fact that interest rates have sometimes increased by multiples over the past two years, say brokers and insurance managers.
They spoke at meetings of the Insurance Leadership Forum, sponsored by the Council of Insurance Brokers & Agents, held in Colorado Springs, Colorado, earlier this month.
Ransomware attacks began to climb in 201
On average, prices have doubled since the rise of attacks began, and rising reinsurance costs will drive further rate hikes, he said.
Cyber-liability rates have risen between 40% and 75% this year, says Robert Gadaleta, distribution manager for Hiscox USA in Atlanta, a unit of Hiscox Ltd.  In addition to raising interest rates, insurance companies limit capacity.
Liberty Mutual has reduced the size of its book on cybercrime in recent years but still writes the business through its London marketing and special activities, says Tracy Ryan, Boston-based president, Global Risk Solutions North America, at Liberty Mutual Insurance Co.
"We scaled back a couple of years ago, and we are still very careful about making sure we have our arms around the risk," she said.  "Cyber is an area we invested in because the risk does not go away," says Kristof Terryn, CEO of North America at Zurich Insurance Group Ltd. in Schaumburg, Illinois. "But the problem with cyber is that it is such a rapidly evolving risk."
Zurich offers limited cyber capacity and generally offers it to policyholders with whom it has a broader relationship, he said.
Since the beginning of 2021, Hiscox has chosen to write only cyber liability for companies with less than $ 100 million in revenue and has stopped writing surplus cyber liability, Gadaleta says. discounted surpluses for cover layers that still see frequent losses, Gadaleta said.
"We do not know where the burner ends up with cyber yet," he said.
At-Bay, reinsured by Munich Reinsurance Co. and its subsidiary Hartford Steam Boiler Inspection and Insurance Co. can offer up to $ 10 million in cyber responsibility capacity but generally offers up to $ 5 million, Iram said. That means a sublimit of ransomware losses, usually $ 500,000, he said.
The company expects to report $ 160 million in premiums in 2021 and $ 350 million in 2022, he said. In addition, At-Bay will distribute part of its equity to support its insurance company next year and will increase the number of reinsurance companies involved, says Iram.
"We want to continue that growth rate and we have to show that we take some of the risk," he says.
The total capacity for risks for IT liability has decreased, but how much capacity insurers will be able to use next year depends on January 1, 2022, reinsurance renewals, says John Eltham, Head of Commercial Strategy and Distribution at London-based broker Miller Insurance LLP Services.
"Towers can be difficult to assemble, but up to 1/1 it is difficult to know," says Eltham. sa. Several insurance companies have introduced sublimits for ransomware and introduced other restrictions, such as requiring specific security measures as a condition of coverage, he said.
Miller seeks to expand its cyber business through the recent recruitment of Debbie Hobbs, formerly London-based cyber and technology manager for EmergIn Risk, a unit of Ryan Specialty Group Inc.