Buyer-Friendly Cyber and E&O Market: How to Take Advantage
A buyer-friendly Cyber and E&O market is quickly emerging. Learn more about the changing global market and how to capitalize on it.
Substantial new capacity and improved insurer loss performance have led to decreasing rates in Cyber and E&O in early 2023.
Premium rates are expected to continue softening, with global economic, geopolitical or systemic cyber events potentially impacting the market.
Underwriting remains rigorous. Buyers should start their renewal placement process early to build a strong risk narrative to share with underwriters.
After experiencing rate increases over 100 percent in late 2021 and early 2022, the global cyber and errors and omissions (E&O) market has undergone a distinct and dramatic pendulum swing, shifting toward a buyer-friendly market in early 2023.
There are a variety of market factors contributing to the new rate environment, including:
- New and returning markets have brought new capital and competition, leading to further rate deceleration
- A decline in loss frequency and severity as businesses continue to help strengthen their security risk controls and enhance their risk profiles
- A redirect to more sustainable pricing levels after a potential overcompensation for ransomware losses in 2021-2022
However, underwriters — who now operate at a more in-depth, technology-driven and sophisticated level — are maintaining rigor as they closely monitor global events that may impact cyber claims. Economic changes, a shift in the geopolitical environment and widespread systemic cyber events could all adversely impact continued rate reductions.
These three areas are expected to shape the market through the balance of 2023:
- Substantial new capacity will help soften the market. Aon expects that premium rates in 2023 will be more competitive than for the prior 24 months, driven by improved loss ratios and an influx of new capital that has created a higher global premium pool, especially in the excess markets.
- War exclusions, infrastructure exclusions, and “widespread events” remain in the terms and conditions spotlight. Updated war exclusions have been introduced and are inconsistent across the global cyber insurance marketplace. Infrastructure exclusion updates, specifically for the digital environment, merit thoughtful analysis and dialogue among brokers and insureds. Limiting coverage for widespread events or widespread outages is an effort to solidify the future of cyber insurance, but it risks deteriorating the value proposition of cyber insurance for businesses that see benefit to outsourcing technology and security to third party providers.
- The underwriting process is rigorous, but it’s also more comfortable for businesses, if they are well-positioned to share their security narrative. Assembling the right team and investing the right resources across the organization can help achieve improved coverage results at renewal.
Buyers can take advantage of market improvements by starting their renewal placement process early and continue to build relationships with insurers. Businesses have become more prepared, collaborating internally to provide strong strategies around contractual risk management, information security, privacy and operational continuity. An early start can give the risk manager more control and address potential bumps in the road.
“Where businesses were constrained by availability in 2021 and into 2022 it is now vastly different,” says David Molony, Head of Aon’s Cyber Solutions for EMEA. “Instead, buyers should now be looking at mitigating their exposure — taking advantage of the market at the expense of sacrificing coverage to help save short-term premium dollars.”
While the E&O and Cyber market has many similarities between regions, it’s important to acknowledge existing differences. We explore market conditions across the globe — including capacity, loss trends, pricing and coverage.
- Capacity developed throughout 2022, introducing additional options and a more competitive marketplace — which many insureds used to their benefit.
- Capacity continues to grow in Q1 2023, with growing availability to insureds through new insurers and increased carrier limits. Many insurers offering cyber insurance have substantial growth goals for the product. These two factors, along with improved risk controls within insured security environments, create a powerful competitive landscape.
- Severe pricing adjustments experienced in 2021 and 2022 are still top of mind. The hard market was the result of poor loss experience throughout 2018, 2019 and 2020.
- Loss frequency continues to decline from its peak in 2021 but remains higher than 2019. However, ransomware frequency increased sharply, up 49 percent in Q1 2023.
- Improved frequency, along with an unprecedented rate environment in 2022, fuel market growth in what will likely be a profitable product segment over the next few years.
- Rate increases decelerated throughout 2022, beginning in the fourth quarter of the fiscal year. Aon anticipates rate decreases throughout 2023.
- Aon’s pricing data examines the year-over-year price change on a monthly or quarterly basis. This analysis highlights important trends, adding context that some industry sectors and client segments are experiencing far greater pricing disruption.
- Discuss changing war exclusions with your broker to understand implications on market impact and strategy.
- Buyers should not overlook other critical coverage components:
- Privacy concerns, including data breaches and broader collection and use of information.
- Biometric information. Clients should review any proposed exclusions related to biometrics closely with their broker to understand the scope of coverage changes.
- Pixel tracking and Video Privacy Protection Act (VPPA) exposures are another sub-set being reviewed by insurers, specifically the underlying exposure and in some cases, introducing exclusions. If this exposure is relevant, be wary of accepting limitations on coverage.
- Understanding insurer, vendor and law firm requirements is critical to help align with a business’s preferred incident response and litigation approach. Push for higher rate caps with pre-approved non-vendor resources to help offset any cost increases.
- Most insurers are looking to grow their cyber portfolios again.
- There is more appetite from markets to move down programs providing much needed competitive tension on both a primary and first excess basis.
- Loss ratios improved in the second half of 2022, however, ransomware activity has started to increase in Q1 2023.
- More markets are highlighting biometric information collection and disclosures as an area of concern due to an uptick in class actions resulting from improper collection, use or retention.
- Operational technology and supply chain risk continue to be heavily scrutinized by underwriters highlighting the need for quality data collection and presentation at renewal.
- The favorable rate environment that emerged in the second half of 2022 has continued into 2023.
- Heightened market competition is expected to result in more favorable outcomes for businesses throughout 2023.
- The effects of the conflict in Ukraine have not emerged, however, underwriters remain cautious about the potential for cyber disruption emanating from the region.
- Capacity continues to grow with local and global markets seeing the APAC region as a growth target. Most local markets are increasing average line sizes back to the historical max line size of $10 million. In certain circumstances, some markets now offer limits exceeding $10 million.
- Capacity deployment is still managed carefully, with a focus on cautious growth. For example, some insurers are performing better with coverage and pricing when deploying $5 million or less, even if they can deploy more.
- Overall incident frequency declined in 2022, with cyber events falling by 14 percent compared to 2021.
- Ransomware exposures remain a primary underwriting topic with regional markets, even with event frequency declining by more than 40 percent in 2022 (year-over-year). The threat remains high, however, as frequency has risen in other global regions in Q1 2023. Strong cyber diligence should continue to be stressed.
- 2022 was characterized by several large and high-profile data breaches across the region. The frequency of data breaches declined by only 6 percent. The profile and frequency of these events will continue to shape underwriting behaviors and regulatory agendas across the region into 2023.
- The most frequently impacted industries in APAC include Public Sector, Technology, Media and Telecommunications, Financial Services, Retail and Manufacturing. Manufacturing centers are becoming more prominent across the region. Operational Technology remains a key risk concern for regional markets as well. Further, geopolitical tensions in the region have raised the importance of supply chain risk, particularly for strategically important industry verticals.
- Loss trends have likely improved due to the portfolio management by insurers over the last 24 months, leading to a positive outlook. However, it will take time for the major insured incidents over the last six months to be fully realized by the market, which may be detrimental to loss ratios.
- Rate increases steadily declined in the second half of 2022, with greater deceleration occurring near year-end. This rounds off average rate increases of more than 50 percent over the previous two years.
- On renewals, we are seeing incremental rate movement on primary layers (both increases and decreases) and more consistent rate reduction (5-15 percent) on excess layers. Exceptions include programs that are exceptionally underpriced and in need of further correction, or when carriers have insured a program opportunistically at inflated rates, and more significant reductions are achievable.
- Rate movement is contingent on, among other factors, a demonstration of a detailed focus on security and the extent of previous corrections to pricing.
- Coverage has mostly stabilized, with improvements anticipated for businesses with a detailed focus on security. Restrictions will be eased where key controls can be demonstrated.
- Insureds with excellent security can expect to see improvement in coverage, however, there is minimal coverage innovation. Instead, we are seeing a trend back to broader coverages available prior to 2020.
- War exclusions have been updated, primarily in line with Lloyd’s guidance, but there is a need for more consistent language across insurers, particularly on layered programs.
- Other coverage restrictions related to systemic risk events, unpatched vulnerabilities or unsupported systems can generally be avoided, particularly where insureds can engage productively with underwriters and risk engineers to identify controls in place and plans for improvement.
- Capacity has remained stable with current carriers managing exposures. However, we expect a broader appetite in the next few months, with carriers confirming that they want to expand their current footprint in LATAM.
- We also expect a few carriers to move from reinsurance to direct business. Given the smaller limits purchased by clients in LATAM versus other geographies, this is good news and should translate into greater capacity for direct clients.
- Major cyber attacks have occurred recently across LATAM, primarily ransomware. Impacted industries include retailers, financial institutions, utilities and healthcare. Given the adjustments made by underwriters, most of the losses have been absorbed by deductibles or directly by clients that did not purchase cyber insurance coverages.
- Rates per million (RPMs) have remained stable. Premium increases have been linked to inflation, in contrast to the previous three years when we saw a very aggressive re-underwriting of all the carriers.
- Underwriters are requesting more detailed information and concentrating on attachment points, cyber extortion sublimits and coinsurance.
- Despite being introduced in 2022, systemic risk exposure and sublimits are still topics of conversation with carriers. However, it seems like this approach is limited to a few underwriters.
- There has not been significant coverage enhancement in the last few months beyond several carriers that have revamped their wording — looking for more clarity, rather than expanding coverage.
Businesses must build the appropriate team across key internal stakeholder groups, preparing an informative security narrative that gives underwriters knowledge of the efforts taken to build a strong cyber security posture.
How to Help Optimize Market Outcomes in 3 Steps
Don’t lose discipline. Underwriting requirements are still robust, with more sophisticated and technology-driven carriers. It is critical, therefore, that risk buyers revisit their cyber strategy amid the moderating market to help manage their exposure.
Risk managers should consider following these three focus areas to help enhance their cyber risk strategy:
Find Value Through Collaboration
Work with your information security colleagues, in-house counsel, brokers and other advisors to help shape the prioritization of risks the company views as material and transferrable. Overlaying that dialogue with financial impact analytics helps develop a framework that can prioritize the objectives of your cyber insurance program. The softening market provides an opportunity to tailor important policy wording, push sub-limits to full coverage limits and help eliminate coinsurance penalties.
Create Long-Term Program Goals
Cyber insurance is sustainable and will continue to bring value to insureds. While insurers’ proposed language changes can bring frustration to risk buyers, it’s important to think holistically about your E&O and Cyber insurance program. Increasing competition provides an opportunity for businesses to consider alternative coverage options. Before making a hasty decision, evaluate the policy language changes and consider the potential downside of switching insurers.
Keep Your Eye on Emerging Trends
Key security controls that limit the probability of a ransomware event are an important part of the dialogue and underwriting process. Always remain forward-looking. Privacy litigation is on the rise, and severity exposure is often underestimated. The geopolitical landscape remains a concern for businesses globally. Understanding emerging threats, what your company is doing to mitigate them, and then articulating that information to underwriters can help improve the underwriting process.
The information contained herein and the statements expressed are of a general nature and are not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information and use sources we consider reliable, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation.
The contents herein may not be reproduced, reused, reprinted or redistributed without the expressed written consent of Aon, unless otherwise authorized by Aon. To use information contained herein, please write to our team.
Stay in the loop on today's most pressing cyber security matters.
Article 8 Min ReadManaging Cyber Risk through Return on Security Investment
Article 27 Min ReadTop 5 Cyber Threats To Mergers and Acquisitions
Article 12 Min ReadMitigating Insider Threats: Your Worst Cyber Threats Could be Coming from Inside
Article 17 Min ReadWhy HR Leaders Must Help Drive Cyber Security Agenda
Article 14 Min ReadResisting Cyber Attacks Through Layered Security Systems
Environmental, Social and Governance Insights
Explore Aon's latest environmental social and governance (ESG) insights.
Article 9 Min ReadESG Data: How Businesses Can Use Data to Gain an Edge
Article 12 Min ReadWhy ESG Is Even More Important In A Crisis Like COVID-19
Insights for HR
Explore our hand-picked insights for human resources professionals.
Article 9 Min ReadCOVID-19 has Permanently Changed the Way We Think About Wellbeing
Article 11 Min ReadDE&I in Benefits Plans: A Global Perspective
Article 13 Min ReadHow Data and Analytics Can Optimize HR Programs
Article 17 Min ReadWhy HR Leaders Must Help Drive Cyber Security Agenda
Article 10 Min ReadCase Study: The LPGA Unlocks Talent Potential with Data
Article 16 Min ReadNavigating the New EU Directive on Pay Transparency
Article 14 Min ReadHow to Design Better Talent Assessment to Promote DE&I
Article 9 Min ReadTraining and Transforming Managers for the Future of Work
Article 10 Min ReadRethinking Your Total Rewards Programs During Mergers and Acquisitions
Article 21 Min ReadBuilding a Resilient Workforce That Steers Organizational Success | An Outlook Across Industries
How do businesses navigate their way through new forms of volatility and make decisions that protect and grow their organizations?
More Like This
Article 11 Min Read
Belonging at Work: How Employers can Strengthen DE&I
Companies can enhance their DE&I efforts — and gain better returns — by creating a culture that enables their employees to feel a sense of belonging at work.
Article 7 Min Read
5 Tips to Evaluate Future Skills Using Talent Assessments
In a constantly evolving business landscape, talent assessments can help organizations understand current and future skills gaps in their workforces.
Article 10 Min Read
Litigation and Contingent Risks: Unlocking the Value in M&A
Without the proper insurance, litigation and contingent risks can lock up capital and prevent a deal from closing.