Cyberterrorism insuranceCyberterrorism threat must be addressed: Pool Re’s chief
Cyber is unlike any other peril, because of its theoretical ability to affect almost any insurance class. This significantly impairs (re)insurers’ ability to allocate capital, to model losses with confidence, and, as a result, to price insurance products accurately. The gap between the available global insurance capacity and market exposure has become increasingly stark: market capacity stands at approximately $500 million, but the exposure is estimated to be more than $130 billion. Pool Re, the U.K.’s $7.3 billion terrorism reinsurance fund, wants to extend its cover to include cyberattacks on property, chief executive Julian Enoizi said.
Pool Re, the U.K.’s $7.3 billion terrorism reinsurance fund, wants to extend its cover to include cyberattacks on property, chief executive Julian Enoizi said.
Pool Re, set up in 1993, acts as a backstop to insurers paying out claims on property damage and business interruption. Pool Re is financed by the insurance industry with government backing, and pay outs depend on the British government determining that an attack was terror-related.
Pool Re notes that in 2002 it extended its cover to include chemical and biological attacks.
Enoizi, CEO of Pool Re, used his keynote speech at the Global Insurance Symposium in Des Moines, Iowa, to address a critical issue for insurers: the need to come to grips with the risk of cyber terrorism.
The terrorism threat is changing, Enoizi said. It has evolved from the traditional methods employed by the Provisional IRA, and terrorists’ access to technology is increasing daily. This evolution presses new responsibilities onto governments to provide safe environments for their citizens and has widened the gap between what the market will cover and the taxpayer’s potential liability. Citing recent U.K. Government data, Enoizi reported that 90 percent of large U.K. companies have suffered a security breach within the last year, and that the average cost of a cyberattack has doubled since 2014.
Cyber is unlike any other peril, because of its theoretical ability to affect almost any insurance class. This significantly impairs (re)insurers’ ability to allocate capital, to model losses with confidence, and, as a result, to price insurance products accurately. The gap between the available global insurance capacity and market exposure has become increasingly stark: market capacity stands at approximately $500 million, but the exposure is estimated to be more than $130 billion.
The challenges of understanding the threat may be one reason that market capacity falls so far short. However, something can be learned from experience. Cyberattacks, whether by terrorists or otherwise, and physical terrorism share clear parallels:
— Both can correlate across multiple lines of insurance, making aggregation a key issue.
— Neither is a naturally occurring peril, therefore difficult to model from the perspectives of severity and frequency. Little relevant historical data exists to support modelling or pricing.
— They are fast moving, evolving, and dynamic threats.
— Nation-state involvement is highly influential, but may be impossible to identify.
