Cyber Is Coming to Insurance-Linked Securities

The insurance-linked securities (ILS) market reached record volume last year and is primed to grow dramatically as insurers look to the capital markets to help cover ballooning cyber-related risks.

The cyber ILS segment has been expected to grow significantly for several years now, given the insurance industry’s insufficient capacity to meet demand for coverage that will necessitate transferring the cyber risk to investors. There have as yet been no catastrophe (cat) bonds covering cyber risk. Paul Schultz, chief executive officer of Aon Securities, said, “We’re likely to see cyber cat bonds in the next 12 to 24 months.”

The increase in cyber ILS would bolster a market that has more than doubled in terms of new and outstanding issuance over the last decade. Dominated by property and casualty (P&C) risk, the ILS market’s outstanding volume in 2021 reached nearly $36 billion, alongside record issuance of $14 billion, according to Artemis.

Schultz said that volume was driven by such factors as ILS funds’ raising new capital; adjusting their portfolios to include more liquid cat bonds, rather than less liquid reinsurance; and significant refinancing.

“Some of the growth we’re projecting this year will be incremental [issuance volume], as opposed to last year, when much of it was refinancing,” Schultz said.

First-quarter 2022 issuance of $3.5 billion was the third most for that period, with the bulk of it arriving in March, according to Artemis.

Schultz said he believes it will take time for cyber cat bonds to become a significant part of the ILS market, perhaps along the lines of the 25-year-old P&C cat bond market, which simmered for its first decade before seeing more significant volumes.

Heightened Exposure

Others anticipate more rapid cyber ILS growth in light of the spike in security breaches and fraud associated with remote working arrangements during the COVID period.

“Two years of the pandemic accelerated the evolution of the cyber ILS market, as some insurers’ loss ratios increased to 100% or more from a pre-pandemic market average of around 40%,” said a leading ILS investor who is involved in industry discussions about the issue and asked not to be identified. “Many market observers had previously expected this revelation of true cyber risk levels to take place slowly over to five to 10 years, or more.”

In a recent Moody’s Investors Service survey, 83% of respondents carried some type of cyber insurance protection: 55% cyber-specific standalone policies, 13% traditional policies with explicit cyber coverage, and 32% a mixture.

However, according to Moody’s, the cyber insurance market, while growing rapidly, still pales in size compared to more established insurance products. “As a result, available policy coverage is fairly small and limits the amount of proportionate coverage that organizations can access,” the report says.

Cautious Approach

Tom Johansmeyer, head of PCS, a Verisk Insurance Solution, said his firm currently estimates worldwide cyber insurance premiums at $5.5 billion, up 10% from a year ago. The rate of increase may in part reflect insurers charging more, rather than a growing market and expanding industry capacity.

Insurers, Johansmeyer said, are wary about rapidly increasing their exposure to such a new market, and they are ceding about $2.9 billion in worldwide affirmative cyber insurance premiums, about 55%, to reinsurers.

“Insurers are not holding as much of the risk as you might think,” he said. “And that’s part of the problem. We’ve seen this market struggle to grow because of significant capital constraints.”

Reinsurers are also constrained because there is not yet a cyber retro market, or reinsurance for reinsurers. Johansmeyer added that for insurers to reduce ceding out cyber risk in the long term, they must learn how to quantify, understand and manage it more effectively. “In the near term, the market needs to find fresh capital, and that’s increasingly a discussion for ILS.”

Apart from underwriting and reinsuring, “The insurance industry is serving as a catalyst here,” Oliver Wyman cyber risk experts Paul Mee and James Cummings write in Countering Cyber Threats in a Time of Conflict. “In response to the surge in ransomware attacks in recent years, insurers have been pushing companies to adopt tools like multifactor authentication, endpoint detection and response tools, email filtering, and enhanced cybersecurity awareness training and incident response testing. Increasingly, these are table stakes for even obtaining cyber insurance coverage.”

Conditions in Place

Concerns about cyberattacks arising from Russia’s invasion of Ukraine introduced “a wrench in the works” that could slow cyber ILS issuance, the long-term investor said. There are three key growth factors, he added: increasing probable maximum loss; economic incentive to provide the protection; and sufficiently developed models for risk-coverage investors to calibrate risk vs. reward.

The first two already exist, the investor said, and the modeling is making significant strides because information about cyber-related losses and mitigation has increased dramatically.

Modeling firms including AIR Worldwide and RMS, which was acquired by Moody’s last year, are adapting their models to calibrate cyber risk, while fintechs such as CyberCube and Kovrr have brought some new spin.

CyberCube is licensing its Portfolio Manager tool to specialist insurer Beazley and to Fermat Capital Management, one of the largest ILS funds. The software-as-a-service application enables risk carriers to financial-stress portfolios against cyber-related scenarios such as including ransomware and cloud outages.

“More and More Interest”

Jin Shah, RMS managing director, capital markets, is “getting more and more interest from the ILS market on cyber,” and it is “keen on using the RMS models in a cyber risk transfer,” although what shape that takes remains to be seen.

“From an RMS perspective, the modeling capabilities are there, but with these developments we need to think through the event definitions, the post-event processes, the trigger mechanism, and whether to isolate a particular component of cyber – something like ransomware or cloud outage,” Shah said. “And if it’s cloud outage, who is the true reporting agency? Are there authorities who can definitively say a cloud outage has occurred on a particular date and for a particular period of time?”

Collateralized reinsurance deals, private transactions bought by ILS investors, have been inked regularly if not in abundance over the last several years. They tend to be bespoke, and counterparties don’t necessarily rely on third-party models or supplement them with their own analytics. In fact, the lack of sophisticated models has been an impediment to the cyber-cat market starting up, Johansmeyer said, but, he added, “If somebody really wanted to get an ILS trade badly enough, the modeling is probably good enough now.”

Cat Bond Overlap?

Schultz of Aon Securities said cloud outage will be a likely cyber component to define the first deals because it’s “very measurable.” He added that they likely will be smaller in size than typical cat bond deals and carry attractive “pioneering” pricing favorable to investors – similar to early property cat bond deals.

As far as cyber being part of a multi-peril deal, Schultz said is unclear to what extent investors in property cat will overlap with those seeking exposure to cyber risk.

“You would have to be comfortable that there is an adequate supply of investor capital to buy [bonds including] property and cyber exposure, given the potentially correlating nature of cyber risk,” Schultz said.

Timing It Out

To reassure market participants about investing in a new peril, the ILS investor said, the first cyber cat deals will likely be issued by a major cyber insurer such as AIG, Beazley, Chubb, Hiscox or Zurich – “whoever is sitting closest to the powder keg.”

He added that likely timing for an issuer to come to market this year is October or November, closer to the January 1 renewals. That’s when reinsurance capacity will be higher than in the May-June timeframe, when demand for reinsurance coverage is expected to peak this year and capacity becomes scarce.

The investor said that given demand for cyber protection, when investors become more comfortable with cyber risk, he sees the cyber-ILS market taking off and eventually rivaling P&C ILS in terms of volume.