The reinsurance broker says that the cyber insurance market is developing rapidly, but blind spots exist, amid fears of a future cyber catastrophe event.
Gallagher Re has warned on the nascent state of the developing cyber insurance model, saying that there is still a reluctance from capital providers to offer cost-effective and systemic solutions.
The words are carried in the firm’s new report, The Risk of a Cyber Catastrophe, which says that while the market is evolving and rapidly growing, it has yet to deal with a catastrophe-level event.
This, it says, makes such an event difficult to model and price. The industry, it contends, is hampered by a lack of tangible scenario data points, inconsistent or non-existent cyber catastrophe claims coding frameworks, and an overarching high level of uncertainty.
The authors of the report write: “Cyber remains a young risk class for the (re)insurance industry overall, and insurers are still working out what risks they are comfortable covering.
“Carriers are having to carefully manage their exposures, while model-builders are investing heavily in developing their offerings. New technologies, such as outside-in scanning, offer the prospect of more tailored underwriting. But is the sector ready to cover a truly systemic catastrophe?”
A cyber event at catastrophe level, writes Gallagher Re, is difficult to price since there has yet to be one.
This makes for a stark contrast with natural catastrophes, such as hurricanes or earthquakes, where risks are much better known and modelled, the firm said.
It creates a particular challenge for insurers in securing reinsurance capacity, as capital providers in that market are grappling with the same uncertainty, the broker emphasised.
A shared understanding of what a cyber catastrophe could look like would be a useful starting point. This, in turn, needs to be translated into consistent claims reporting frameworks, Gallagher Re stressed.
Iain Willis, research director at the Gallagher Research Centre, sees the need for further development of the models as a critical factor for capturing and understanding cyber risks.
“Models that can capture a risk more precisely allow for the development of products and pragmatic pricing. The old adage that ‘models make markets’ tends to ring true,” he said.
“The concern currently would be that the divergence of existing model output shows the wide range of uncertainty in this peril. This is where research can really help,” Willis added