Deloitte University Press: Demystifying cyber insurance coverage
Cracking the code on cyber insurance
With most US property and casualty insurers struggling to grow in a slowly recovering economy, an overcapitalized market, and a historically low interest-rate environment, why isn’t the sale of cyber insurance gaining momentum more quickly, given the rising profile of the risk?
The line still only generates between $1.5 billion and $3 billion in annual US premiums thus far, according to various industry estimates by regulators and rating agencies—representing only a tiny fraction of the $505.8 billion1 domestic carriers wrote in total in 2015.
Yet despite that rather modest starting point, a number of industry leaders are bullish about the cyber market’s future. Some are predicting US sales to double or even triple over the next few years, according to the Insurance Information Institute.2 Allianz Global Corporate & Specialty foresees a worldwide market of more than $20 billion by 2025.3
The industry has a long way to go to reach those lofty predictions. Many commercial enterprises have yet to purchase a cyber policy—or if they have, their coverage tends to leave them underinsured. Just 29 percent of US businesses had bought cyber insurance as of October 2016, according to a survey by the Council of Insurance Agents and Brokers (CIAB).4 While bigger companies are more likely to buy the coverage, the majority of large organizations are still going bare on the exposure. Indeed, a September 2015 CIAB study found only 40 percent of Fortune 500 companies had cyber insurance at that time, while those that did often bought limits that didn’t cover the full extent of their exposure.5