Cyber insurance set for explosive growth
Cyber insurance is poised for exponential growth over the coming decade, but it remains a capital-intensive peril that requires structural innovation, according to CyberCube.
The mid-range projection suggests that the US standalone cyber insurance market could reach $45 billion in premiums by 2034, a fivefold increase from today.
Cyber insurance is projected to snowball
However, product innovation will be required to achieve real growth in exposures rather than mainly rate increases, as seen in recent years. Given the low penetration rates for cyber risk coverage today, insurers and brokers need to achieve deeper penetration across organizations, offering larger limits and broader coverage with more clarity on terms and conditions.
Cyber insurance is projected to grow rapidly, driven by increasing digitization of the global economy and rising concerns about cyber risk. CyberCube has modeled three CAGR factors for the US insurance industry to 2034: 10% growth resulting in $17 billion of premium; 20% growth leading to $45 billion of premium and 30% growth creating $109 billion of US cyber premium. CyberCube’s US Industry Exposure Database (IED) pegs US standalone premium in 2023 at $8 billion.
Cyber will become a peak peril, with the potential for losses from US Standalone Cyber to exceed Hurricane Katrina — the largest insurable natural catastrophe to date, costing the (re)insurance industry $102 billion in 2005. At 20% CAGR, the amount of capital required to manage a 1-in-250 year loss would be $121 billion.
The cyber (re)insurance market will need to substantially increase capital to enable this growth potential, with increases needed from multiple sources including insurers, reinsurers, capital markets, and potentially private-public partnerships.
Market expansion requires more reinsurers’ involvement
The current cyber reinsurance market is tightly concentrated among the largest writers, so one implication is that the market will need broader participation from more reinsurers in order to sustainably distribute and share risk as the market expands.
“The cyber insurance market is set for outsized growth compared with other lines of P&C insurance over the coming 10 years. Structural changes are required to support sustainable growth. Some of these changes are starting to emerge and will require fuel to accelerate their growth – for example, penetration into the small business space and the emergence of the cyber Insurance-Linked Securities market. Some are still very much in their infancy and will require broader market collaboration to unlock, such as public-private partnerships that work for both sides,” said Alex Tenenbaum, Director of Services and lead author of the report.
Rebecca Bole, Head of Industry Engagement, added: “The property & casualty (P&C) insurance sector stands at the threshold of a once-in-a-generation opportunity to build a sustainable market for cyber risk transfer. This enables societal resilience to one of the peak risks facing economies today.”
Closing the cyber protection gap is becoming increasingly important as our collective understanding of potential cyber catastrophes improves and the financial impact on individuals, businesses, and critical infrastructure becomes clearer. There are many examples of peak perils where private sector capital is unavailable at an appropriate quantity or price to meet society’s need for risk resilience; these include US terrorism, flood risk and peak hurricane zones.
The US federal government has also identified cyber risk as a major risk to the US economy – in 2023, the White House launched the National Cybersecurity Strategy as a coordinated effort to strengthen the resilience of the US economy to catastrophic cyber risk. In the mid-to-high range of cyber insurance growth projections, there is an increasing likelihood that the private sector will not be willing to assume all losses arising from the worst tail events.