After my (comparatively) profitable effort in taking a look at 2023 cyber insurance coverage themes, like a gambler on a streak of newbie’s luck, I wished to have one other roll of the cube in providing my ideas on cyber insurance coverage themes to look out for in 2024. As a hostage to my future self, the start of one other new yr is an efficient alternative to set out what could possibly be the dominant themes of the cyber insurance coverage market because it continues to quickly evolve and develop.

1. Occasion reinsurance positive factors momentum

Regardless of fast adjustments within the nature of the unique product and the underlying risk panorama, cyber reinsurance product buildings haven’t saved tempo with these evolving perils. Consumers have restricted selections of proportional or non-proportional buildings. Conventional purchases usually embrace cyber as a part of a broader legal responsibility proportional program, and a few sort of catch-all mixture extra of loss cowl. The problem of those non-proportional packages is that as portfolios have grown, so attachments based mostly on a loss ratio proportion have crept up as effectively. Because of this, these extra of loss packages have not often been triggered, given the constant long run profitability (however the spike of exercise in 2019-21) of the underlying cyber portfolios.

Occasion based mostly set off reinsurance merchandise have been obtainable out there for the previous 1-2 years and have been particularly designed to deal with the inherent potential systemic publicity inside cyber threat. In 2023 there have been a small variety of transactions, and it’s my rivalry that 2024 will see way more widespread adoption. Issues which have held again the product are being addressed, together with hesitation in regards to the readability of the occasion definition language, in addition to elevated capability. Now extra significant limits might be bought alongside mixture extra of loss packages. Over time, these merchandise supply extra environment friendly methods to guard what’s of most concern in cyber portfolios, being a significant tail-risk occasion, while attaching decrease and permitting insurers to retain extra web premium the place the chance profile is extra predictable.

2. Insurtech consolidation

The insurtech M&A panorama has been comparatively quiet in 2023, in comparison with the dizzy heights of 2021 and 2022. There have been a few notable exceptions reminiscent of Resilience with a $100m D spherical of funding and the acquisition of Corvus by Vacationers (which closed on January third). Historic valuations of a few of cyber MGAs conflated approaches of expertise start-ups with insurance coverage organizations, resulting in some eye-watering numbers. After a reset and pause for breath, exercise is poised to choose up once more in 2024 with extra potential consolidation within the underwriting, analytics, and associated cyber safety areas. Because the cyber insurance coverage market continues to develop geographically (and consequently there’s a dilution of the USA because the relative majority of worldwide premium), alternatives proceed to emerge in newer, much less developed markets.

Not like (some may say) the bubble-like qualities of the final rush of buyers into Insurtechs, there’s a flight-to-quality for present buyers, and a path to profitability is extra of a prerequisite at the moment in contrast with a earlier pursuit of progress alone. Apparently for public buyers, the InsurTech index has topped 2023 efficiency of the completely different US based mostly insurance coverage inventory indices. This augurs effectively for 2024, and there’s a good platform the place Insurtech corporations fulfill the a lot vaunted potential they carry to enhance processes, innovation, and expertise to the insurance coverage business, relatively than pushing towards the business by “disrupting” the important thing pillars.

3. Expertise

It has usually been mentioned that cyber is a category of (re)insurance coverage which requires specialists. The technical elements of the peril, and the dynamics of the chance panorama are such that it’s exhausting for generalists to wing it. Consequently, there may be nonetheless a pointy dislocation in provide and demand of cyber (re)insurance coverage practitioners. There are indicators that that is abating within the early profession class, however extra skilled people stay in excessive demand. In the course of the pandemic there was a comparatively excessive turnover of skilled cyber business professionals, exacerbated primarily as a consequence of pressured dwelling working, which made it more durable to take care of crew cohesion. This has calmed a little bit, however as new entrants determine cyber as a significant long run alternative, there continues to be an unquenchable demand for people who’re conversant each in cyber safety points, in addition to having a powerful understanding of market dynamics.

Because the market matures, corporations which prioritise improvement pathways and technical coaching to upskill crew members will likely be beneficiaries of the expertise scarcity. There may be additionally rising demand for a extra clearly articulated sense of function and social worth for potential staff. Growing new expertise internally will likely be an growing development, to develop the pool of consultants to assist the anticipated progress of the market.

4. Danger mitigation goes mainstream

Danger mitigation is an idea almost as previous as insurance coverage itself. Early fireplace insurance coverage corporations supplied methods to restrict the unfold of fireplace, and fireplace breaks had been developed in agricultural land to scale back to potential hurt of wildfires. Cyber insurance coverage has developed a variety of post-loss providers for the wide selection of challenges which may come up from a cyber incident. At this time a variety of insurers (and particularly cyber MGAs) have expanded into providing pre-loss providers and proactive methods of partaking with coverage holders and brokers. 2024 will see these threat mitigation providers turning into desk stakes for many developed cyber markets. They vary from vulnerability alerts to automated methodologies to supply actual time threat scores for particular person corporations.

One problem stays, and that’s demonstrating the worth these threat mitigation providers carry to coverage holders. It’s incumbent on the business to supply the incentives to extend adoption of those providers, not merely to scale back protection for these coverage holders who don’t embrace them.

5. Rising threats combining

No checklist of this nature could be full with out referencing the dramatically growing functions of synthetic intelligence. ChatGPT exploded into public consciousness in 2023 and the enterprise use circumstances in 2024 will possible enhance exponentially. From a cyber threat panorama perspective, the worth, each for assault and defence capabilities, is difficult to overstate.

Moreover, there may be an growing overlap of operational expertise and knowledge expertise. Trade segments reminiscent of vital nationwide infrastructure and autonomous autos are rising as segments which have potential vulnerabilities. When these points are mixed, new dangers will manifest in unanticipated methods, which is able to problem each the cyber safety and insurance coverage markets.

I’m acutely conscious that this checklist just isn’t complete, is essentially subjective, and inevitably may have shortcomings. Hopefully it offers some meals for thought, and I welcome extra views on what to look out for in 2024.