Notes: PLUS Cyber Symposium 2023

February 16, 2023

After recently joining the Professional Liability Underwriting Society (PLUS), TEKRiSQ attended our first PLUS Cyber Symposium this week in New York City.

We found it to be an excellent event, filled with valuable insight covering the year behind us, the present trends and market changes, the expectations for the future sustainability of cyber insurance and the hopes & aspirations of of many of its key players.

Enjoy our compilation of video highlights;

Video Highlights

The Great Correction

The overwhelming consensus is that the cyber insurance industry has survived (and perhaps began to thrive) the challenging, hardened market over the last two+ years, and now considers it a correction. This term was used repeatedly during the event by brokers, underwriters and industry veterans as a necessary adjustment in response to devastating ransomware claims, insufficient premium, limited capacity, low retention and overly broad coverage terms. Together, these that created somewhat of a perfect storm, which met the increased demand from insureds head-on.

Where is Cyber Insurance Headed in 2023?

We’re already seeing some downward pricing relief in the first month+ of the new year. While its not expected to dip too dramatically, the additional capacity coming into the market is likely to allow brokers and insureds to take advantage of the following;

  • Better deals on retention for insureds doing the right things
  • Higher limits during renewals for good risks at little additional cost

We are already beginning to see far more surgical underwriting, with insurers seeking more meaningful metrics proven to predict cyber risk upfront. We’re seeing less reliance on scans and more unique methods of assessing risk upfront, with models to better anticipate problem areas.

Excerpt From the PLUS Cyber Symposium Materials;

“expect the market stabilization seen in the second half of 2022 to continue into 2023. This is largely due to the decrease in median ransomware payments and implementation of better security controls by Insureds. Competition among cyber underwriters has increased as carriers shift their focus from book remediation to premium growth”

Interesting things overheard at Plus Cyber Symposium;

  • Marsh Cyber Analytics Team On Risk Prediction: Scan data only offers 10% improvement

  • New findings of major risks introduced through the supply chain (70%)

  • Understanding cyber culture is becoming critical to underwriting.  Examples show patching failure was correlated to a 5x increase in claims.  This was not attributed to patching cadence alone. It was found to be was indicative of a pure cyber culture.  (Marsh’s Scott Stransky)

  • Not all checkboxes on the apps have any correlation to claims.

  • Assessing Client Cyber Risk Requires a scalpel approach – underwriters no longer want a one size fits all process.

  • Quality control metrics, on going loss control are very important.  Underwriters don’t like the once per year underwriting process. In any case, this cannot change.  They are at a loss as to how to solve it.

  • Business email compromise is growing from 25% to 36% of all cyber claims