Not addressing 'silent cyber' could lead to ratings downgrades, Fitch warns

By Erin Ayers, Advisen

**This article was originally published in Advisen's Cyber Front Page News on October 1, 2017**

The margin for error in cyber insurance underwriting and pricing is slimmer than in other product lines and insurers in the sector may find themselves facing ratings downgrades if they do not maintain discipline, warned Fitch Ratings in a recent report.

The standalone cyber market is estimated at $2.5 billion to $3.5 billion, with rapid growth expected. However, Fitch wrote that “substantial” cyber risk resides beyond the standalone market, via unintended inclusion in traditional commercial insurance policies, known as “silent cyber.” The potential for a major cyber loss event while the exposure remains unmeasured creates serious uncertainty, as does the expansion into the standalone cyber market by less experienced underwriters.

“Cyber insurance is a profitable venture for early market entrants. While the market is poised for considerable premium growth in the next few years, signs of competitive forces eroding profit opportunities may transpire in cyber earlier than past emerging product segments,” commented Fitch analysts in the report. “Over the near term, Fitch views cyber underwriting as a risk that may exert downward pressure on some non-life insurer ratings if larger loss scenarios emerge. Ultimately, insurers that lack underwriting expertise, poorly manage cyber risk accumulations, or fail to recognize loss potential from silent cyber exposure within their traditional commercial insurance products are most vulnerable to ratings downgrades.”

Fitch acknowledged in its report that as awareness grows, silent cyber can likely be addressed and eliminated. In the short-term, though, as more insurers take advantage of this “rare growth market,” the problem persists.

“In the event of a large cyber disaster today, a major proportion of insured losses would be incurred within traditional policies,” said Fitch. “This silent cyber coverage exposure can create large risk aggregations and creates potential for differing interpretations of coverage. This ambiguity can, in turn, lead to more antagonistic settlement processes in the event of a cyber related loss.”

Fitch also highlighted primary insurers’ lack of consideration of cyber in reinsurance agreements as a concern and encouraged insurers and regulators to call for disclosure of standalone and silent cyber exposures to increase industry awareness of cyber risk management.

Editor Erin Ayers can be reached at eayers@advisen.com.

Why Advisen Data?

You recognize the importance of having risk data at your fingertips. Here is why you can count on Advisen data:

Our proprietary cyber loss data is curated by professionals with a wealth of insurance industry expertise, so we understand the implications for the industry – and your business.

We collaborate with key players in the industry to ensure we collect and maintain the most relevant cyber data.

We compile data from multiple sources. Sure, it takes a lot of man-hours to do it, but we think having only one data source doesn’t give you enough data points to make the most informed business decisions.

Let's talk about cyber risk!