Insurers Report Cyber Insurance Data To NAIC
Overview
Annual information about the U.S. cyber insurance market has been hard to come by until now, but new reporting requirements developed by the National Association of Insurance Commissioners (NAIC) now enable insurers to better track cyber insurance policies issued in the marketplace.
This preliminary analysis of the data, as reported on the Cybersecurity and Identity Theft Coverage Supplement for insurer financial statements, gives us an understanding of the size and shape of a rapidly growing market.
For the year ended December 31, 2015, direct written premiums in the U.S. cyber insurance market totaled $1.2 billion, based on data reported to the NAIC as of April 25, 2016, and sourced from S&P Global Market Intelligence.
Two types of coverage are included in the supplement: cybersecurity and identity theft, so totals are for the combined market. Cyber policies generally cover commercial risks. Identity theft is a personal lines coverage that addresses the risk that an individual’s identity is stolen.
The data was gathered from U.S. property/casualty insurers writing cyber liability coverage nationwide only. Since a significant amount of cybersecurity insurance is written via Lloyd’s and other international insurance markets, it is likely that actual U.S. premiums are considerably higher than $1.2 billion.
Both stand-alone coverage and packaged policies are included in the data request. Packaged policies are cybersecurity and ID theft policies that may be included as part of a commercial multi-peril package; stand-alone policies offer specialized cyber risk coverage that is tailored to the individual needs of a company.
The types of losses and liabilities that cyber risk policies may cover include: damage to, and/or destruction of, valuable information assets due to viruses, malicious code; expenses and legal liability resulting from a data breach including defense costs, settlements and judgments; regulatory investigations, fines and penalties; business interruption resulting from an attack that disables company operations; losses arising from an extortion threat against a company’s network; and expenses incurred as a result of an identity theft, such as providing access to identity theft call centers.
Cyber Insurance Market: 2015
Of the total $1.2 billion in direct written premiums in the U.S. cyber market (cybersecurity and ID theft) in 2015, packaged policies accounted for $733.3 million, or 59 percent, making up slightly more of the combined market. Stand-alone coverage accounted for $501.9 million, or 41 percent.
The total number of policies in force in the U.S. cyber insurance market amounted to 18.5 million in 2015.
Packaged policies made up the majority of total combined policies in force, accounting for 97 percent (almost 18 million policies), while just 3 percent (561,182) were stand-alone policies.
If the U.S. cybersecurity business being written via international markets were included in this data, the number of stand-alone policies for cyber risks would probably account for a greater proportion of the overall market.
0 comments:
Post a Comment