Marsh, UK government and Lloyd’s on the warpath over cyber cover

Cyber risk

The UK will keep dominating the growing cyber insurance market, according to plans laid out in a new report by Marsh and the UK government.

The report, ‘UK Cyber Security’, says that cyber risk to businesses is growing, but that awareness and penetration are low and that cover is expensive compared to other liability risks.

To help tackle this, the UK government wants to increase UK firms’ resilience to cyber attacks, including promoting the UK insurance sector’s ability to cover these risks.

The report has also been supported by Lloyd’s, who were on the report’s working group.

Lloyd’s chief executive Inga Beale says that the demand for cyber insurance cover is increasing but is still relatively low. London market insurers currently dominate the global cyber insurance market, and Beale also laid out her plans for London to keep this up.

“London is already a major centre for cyber insurance,” she says. “Insurers write more than 10% of the global cyber insurance business from London, which represents around £160 million in premiums, with the majority of the flow into London coming from the US.

“The London market is well positioned to compete for large and complex risks, and over time has provided innovative solutions for new threats. Cyber fits this description and, as such, should be a priority for the London market as it plays to its traditional strengths.”

The US is the country that buys most cyber insurance cover, driven by stringent reporting requirements, according to Mayer Brown insurance and reinsurance partner Ingrid Hobbs.

Future appetite for buying standalone cyber cover in Europe is likely to be driven by a proposed European Commission directive that will require firms to report cyber security breaches to a national authority.

Hobbs agreed that London is likely to continue to be the centre for cyber cover for some time to come.

“I would think for the next five to ten years it will be very London centred,” she said.

The reason is that insurers are still developing their products and getting to understand the risk, she added.

The report also acknowledged that pricing was an issue with cyber insurance cover.

“The cost of cyber insurance relative to the limit purchased is typically three times the cost of cover for more established general liability risks, reflecting the possible exposure that insurers are taking on with cyber,” it said.

To counter this, the report said that data pooling between insurers was important to help underwriters better understand their exposures and drive premium prices down.

To help this, the report said that the UK government will set up a new forum with Lloyd’s and the Association of British Insurers to investigate this.

Marsh UK & Ireland chief executive Mark Weil said that potential cyber insurance buyers would need a cultural change to ensure they were properly protected.

“Companies will need to upgrade their risk management substantially to cope with the growing threat of cyber attack, including introducing disciplines such as stress-testing, and creating a joined-up recovery plan that brings together financial, operational, and reputational responses,” he said.

In the report, Cabinet Office minister Francis Maude says: “Cyber security is not just a question of threats – it also represents an opportunity for the UK. The UK has world-leading cyber security expertise and cyber security services.

“The UK insurance sector is already a world-leader. With innovative ideas, like including Cyber Essentials certification as part of insurance cyber risk assessments for small to medium-sized enterprises, the sector is demonstrating that the UK is the natural home for a growing global cyber insurance market.”