Six out of 10 insurers are expecting increased cyber-related losses across all business lines over the next 12 months, driven by increasing reliance on technology and high-profile cyber attacks, according to a report from Willis Re.
The annual Silent Cyber Risk Outlook global survey from Willis Towers Watson’s reinsurance arm revealed that over 60% of respondents estimate they are likely to incur more than one cyber related loss for every 100 non-cyber covered losses over the next 12 months, in all lines of business, apart from workers compensation. This is higher than their expectation for the same in less than 50% in any line of business in 2017.
Large cyber attacks, like WannaCry or NotPetya, are also expected to be more frequent, with over 60% of respondents anticipating these occurring at least once every five years.
Close to 700 participants from over 100 insurance and reinsurance companies were surveyed globally across five business lines, including: First party property, other liability (including auto), workers compensation, errors and omissions (E&O) and directors and officers (D&O).
Silent cyber a greater risk
The increasing frequency of cyber attacks and the resulting threat to utility infrastructure led to the IT/utilities/telecom industry group reporting the highest perceived property silent cyber risk factor, with 42% of respondents reporting they are likely to incur 10 or more cyber related loss for every 100 non-cyber covered losses.
Willis Towers Watson global head of cyber risk solutions Anthony Dagostino said, “The insurance market considers ‘silent cyber’, or cyber-related losses under policies where cyber risk isn’t specifically included, to be a far greater risk than ever before.
“The 2017 WannaCry and NotPetya attacks highlighted this risk and potential damage across all business areas – causing significant concern around silent cyber. This increased risk perception has highlighted the need for specific cyber coverage, but competitive market conditions are limiting the scope for coverage or pricing adjustments to be made in other lines of business.”
Data losses hit home in Asia
“The recent cyber event in Singapore on the healthcare institutions struck close to home. Asian insurers need to be taking action now to ensure they have coverage that will protect themselves and their clients’ data,” said Willis Re managing director Asia Pacific Mark Morley. He said, “With increasing cyber attacks globally, this is not only an issue on affirmative cyber insurance covers but also a risk on other lines of business.”
The survey ranks respondents’ silent cyber risk factor from <1.01, indicating less than one anticipated cyber related loss per hundred non-cyber covered losses, to 2.0, representing as many cyber losses as non-cyber losses over the next 12 months.
Medical and life sciences sector a major risk
Other findings include:
- Significant increase in ‘other liability’ silent cyber exposure: 62% believed the silent cyber risk factor is above 1.01 for ‘other liability’, compared to just 35% in 2017
- Perceived cyber risk gap closing between property and ‘other liability’: The gap between perceived silent cyber risk between property and ‘other liability’ has been eliminated since 2017. In 2017, 47% of respondents believed the silent cyber risk factor was above 1.01 for property (vs 35% for ‘other liability’). In 2018 the comparable percentage for both lines of business is 62%
- D&O and E&O lines face significant silent cyber risk: Over 30% of respondents estimate their silent cyber factor is 1.10 or higher
- Silent cyber risk grows across all industry groups: In 2018, majority of the respondents believe all industry groups in both property and other liability had a silent cyber risk factor of greater than 1.01 This contrasts with 2017 when only two of the nine industry groups in property and none of the nine industry groups in other liability met this threshold
- Hospitals/medical facilities/life sciences top ‘other liability’ silent cyber risk: The industry group with the highest silent cyber for ‘other liability’ with 34% of respondents view risk to be 1.10 or greater – an increase of 15% on 2017
Started last year, Willis Re’s Silent Cyber Risk Outlook survey runs annually to monitor the insurance industry’s perception of silent cyber risk. A