Opaque nature of cyber risks makes captives managers wary
Companies looking to better utilise their captive to take on more risks such as cyber, need to adopt a risk-based approach and define an optimal risk financing strategy, according to Adam Peckman, global practice leader at Aon Risk Solutions, speaking at a cyber security panel at the Vermont captive Insurance Association (VCIA) annual conference in Burlington, Vermont.
Peckman identified two main challenges of utilising a captive in the cyber space, the main being arriving at a common understanding of the definition of ‘risk’.
Robert Parisi, managing director of Marsh USA, suggested that cyber insurance policies are modular in nature, as they contain a number of different coverages blended under one policy form.
Peckman said: “When we speak to clients on why they haven’t proceeded with using their captives, 95 percent say it’s a lack of clarity surrounding the T&Cs of the coverage.
“Back to Robert’s modular view of what that coverage looks like, 95 percent of clients are saying they can’t get their head around the diversity of coverage around them.”
And only 38 percent of risk managers actively participate in cyber risk analysis, according to Aon’s cyber captive survey and report 2016.
The second issue captives face is navigating the complexities of the market, said Peckman.
Nearly 95 percent of companies state clear policy wording as the most important issue, and 75 percent of larger companies feel loss adjustment process and coverage interpretation is not well understood.
Peckman added that captives must able to identify cyber risks and assess the security posture against common standards that are utilised by the insurance markets for their underwriting process.
They must then evaluate the materiality of the financial exposures arising from a range of cyber risk scenarios, and determine the optimal programme structure, in terms of pricing retention and limits, he explained.
And cyber security threats have grown significantly. In 2006, about 10 million malicious websites were identified, whereas in 2016, the number jumped to over 218 million, as highlighted by Ryan Spelman, senior director of the Center for Internet Security.
According to Aon’s cyber captive survey and report, businesses are losing $450 billion from cyber crime, growing to an estimated $2-6 trillion by 2021.
The Aon survey highlighted that only 9 percent of companies are utilising their Aon-managed captive for cyber risk, but it is projected this figure will reach 20 percent by 2022.
Get the latest captive insurance news sent to your inbox every week - Sign up to our free email newsletters