Cyber insurance maintained its double-digit premium-volume growth in 2012, with capacity high, pricing competitive and buyers increasingly willing to pull the trigger on both third- and first-party coverage. Thanks to a proliferation of data breaches, an ever-increasing number of regulations around the protection of private information, and the growing availability and awareness of Cyber insurance, business is booming in this marketplace.
“It is big, and it’s growing,” says Rick Betterley, president of Betterley Risk Consultants.
DESPITE CLAIMS, CAPACITY STILL STRONG
“The allegation is that [retailers] are using that ZIP-code PII to do targeted marketing, then sending out mailers or phone calls to target that demographic, versus collecting that just for credit-card processing,” Aon’s Levy says.
Expansion of liability to include data collection—not just disclosure—has led to the creation of either additional coverage or new exclusions, depending on an insurer’s appetite.
Randles attributes that increase to a growing awareness of the risk combined with a more educated buyer and broker population. “The low-hanging fruit for specialist Cyber brokers was to start by selling Liability,” he says. “Historically, Non-Physical Business Interruption wasn’t really understood—businesses didn’t see the impact that it had, and there was limited interaction between the risk officer and chief information officer. Now, the IT department understands its role in risk management, and business interruption related to Cyber has become a boardroom discussion.”
Most carriers offering Business Income coverage limit the loss trigger to a system breach or network attack. However, some have been willing to expand coverage to include system outage.
“It’s a mix,” says Chubb’s Goldstein. “Some [policyholders]—such as financial institutions, health-care or private companies that have a significant risk—want to have it standalone. But we also have customers that choose to integrate it with Management Liability or E&O lines.”
And a few companies are offering Cyber geared toward smaller companies—and at a much smaller price tag.