Working together will be key to building a sustainable cyber market

In what way is cyber risk changing?

The cyber risk landscape continues to evolve at a fast pace. Ransomware is a persistent, yet changing, threat for all organisations, while in a world of growing geopolitical tensions, the threat posed to companies and critical infrastructure from nation states cannot be overstated.

At the same time, we need to anticipate the future risks posed by advances in technology, such as artificial intelligence and quantum computing, as well as an uncertain and developing legal and regulatory environment.

Throughout the risk chain, from client to broker to underwriter, working to understand this complex risk, and putting in place strategies to assess, mitigate, manage and transfer it, requires empathy and collaboration. As a marketplace, we need to work to ensure that we are helping clients to understand their own risks and build resilience, and that insurance coverage is relevant and suited to their changing needs.

Do you see growing demand for cyber insurance?

As awareness of the potential frequency and sophistication of cyber risks has increased, so too has demand for cyber insurance from clients across the world and from diverse industry sectors—the global cyber insurance market is expected to more than double in size to $29 billion by 2027, according to “Cyber Insurance: Risks and Trends 2024” published by Munich Re.

We expect this strong growth to continue, driven by ongoing digitisation of business and supply chains, as well as by stricter regulatory requirements, such as the EU’s Network and Information Security Directive (NIS2), which is being implemented in October 2024.

Where now for cyber insurance?

The cyber insurance market underwent a rapid and quite severe market cycle in 2020 and 2021, which was clearly challenging for clients, many of which were becoming more interested in buying the cover. Some sections of the insurance market were offering coverage that was not necessarily commensurate with the premium, and when losses started to rise, rates had to be adjusted in many cases.

Conditions have since improved, and new capacity has flowed into the cyber insurance space, following improved cybersecurity among insureds, and the introduction of tighter underwriting criteria by insurers. While this has given insurers confidence, and buyers some relief, it is now vital that we all act responsibly to ensure a stable and sustainable marketplace for the future.

We want to work with clients to manage and transfer their cyber risk, without the need for abrupt pricing swings.

What is AXA XL doing to help clients manage their cyber risks?

AXA Group and AXA XL are making a significant investment to support the evolution of cyber insurance and help clients adapt to the changing risk landscape and build their resilience. Two years ago, we launched our Cyber Centre of Expertise to develop the knowledge and tools needed to manage cyber risk.

The Cyber Centre of Expertise gives our clients access to resources that will enable them to build cyber resilience, as well as support our underwriters in their complex conversations with clients. For example, we ran training in France around the Olympic and Paralympic Games to raise awareness of cyber risks.

We all are aware of the need to continue to build our knowledge and expertise about cyber risk: the CrowdStrike outage in July was a reminder of the dynamic nature of cyber risk, and the need to continually improve operational resilience and crisis management. That is why we are carrying out state-of-the-art work on data and analytics that will help companies mitigate their cyber risks.

We realise it is important to make use of data not just when an attack occurs but before an event, to help clients prevent and mitigate losses.

How can you support companies starting their cyber journey?

Collaboration is vital in cyber insurance. We understand that underwriters cannot only consider clients with “perfect” risks; we need instead to go the extra mile and help companies that are less mature in their cyber risk understanding. By partnering with clients early in their cyber journey, we can help them to build resilience and become a better risk from an insurance perspective.

One of the biggest challenges that our clients, and we as underwriters, face is in gathering information about cyber risks. We are working to reduce this burden on clients by developing in-house tools to collect and analyse data, which in the long run will improve the quality of data and create efficiencies.

Improving the knowledge base of all the stakeholders in this area—clients, brokers, insurers and so on—will enable us all to better meet the challenges of this rapidly changing and fast-moving area of risk.

Are you optimistic about the future of the cyber insurance market?

Certainly. AXA has identified cyber as a strategic growth opportunity. That’s not to say there aren’t challenges, but I think we are on the right path. As the risk evolves, so too will the risk management and transfer tools available. By working together with understanding and constructive dialogue, we can increase awareness and knowledge, and ensure that there is a sustainable cyber insurance marketplace providing the cover that businesses need today, and tomorrow.

Carlos Rodriguez Sanz is regional product leader for cyber, APAC and Europe, at AXA XL. He can be contacted at: carlos.rodriguezsanz@axaxl.com

FERMA Forum Today is in partnership with Captive Review, part of Newton Media.

Did you get value from this story?  Sign up to our free daily newsletters and get stories like this sent straight to your inbox.