The rate at which technology is evolving makes it difficult to predict cyber risk pricing, members of the press heard at a conference in Las Vegas.
Although price rises could happen as firms buy more cover following the onset of General Data Protection Regulation, a lack of data makes it hard to predict how they will look down the line.
Speaking at Guidewire Connections in Las Vegas, Cyence co-founder George Ng said: “For the most part today, people are profitable. This is more of an economic answer. Given that and with things like GDPR, more people will feel compelled [to take out cover]. So that will cause prices to rise in the short term. Given that the pace of technology is changing very quickly, it could really go either way.
“People price based off history. We are an industry where there isn’t a lot of history. Every time something happens, you can argue, there is a new paradigm. Most people in the room [referring to members of the press] probably use their mobile phones as their primary point of internet access now. Five years ago that wasn’t true. That in itself changes the risk profile in a dramatic way. That is the interesting, but also very challenging part of modelling cyber risk, because of the evolution rate.”
An underinsurance problem
By 2020 there are expected to be 20.4 billion Internet of Things devices, an increase of 142% from 2017.
The World Economic Forum classifies cyber risk in the top six risks ranked on both potential impact and likelihood. The 2017 Wannacry attack infected 300,000 computers across 150 countries, while Notpetya saw corporate losses of roughly $300m (£228m) in at least three instances, according to the WEF’s Global Risks Report 2018. In 2016 alone companies reported four billion reported data breaches, double the previous two years.
Paul Mang, general manager of Guidewire Analytics and Data Services and former Aon global analytics CEO, cautioned: “Given the volatility that exists in today’s environment for both households and businesses, we are underinsured. Too much of that volatility is landing on individual balance sheets. I have pushed this concept of the protection gap. Usually referred to in natural catastrophe situations.
“Houses don’t burn down too often. We have wildfires, but that is a different source. There is a lot of volatility and if you are a small business, you could have lots of things happen because you are so connected to social media sites, your reputation, and so the thesis is that we have an underinsurance problem – or another way to put that is we have a self-insurance problem – somebody is handling that volatility, but it’s on the wrong balance sheet.”
“The connected everything puts a lot of volatility into the system. Cyber is one of them, but there are other types such as reputation, there are other types of new risks that really we don’t have products for. We have some, but it doesn’t cover the losses that are out there,” Mang added.
- Analysis: The mystery of the missing Insurance Fraud Taskforce report
- Green light for UK-US insurance trade deal
- Roundtable: Is a single customer view taking off in insurance?
- Travel insurtech Pluto begins beta test
- O’Connor replaces Fairchild at the helm of Broker Network
- Blog: What workplace inequality means for insurers
- Majority of customers support a ban on dual pricing