More cyber moved into captives – but firms could be better at pricing the risk


The number of companies using captives to manage cyber risk is growing exponentially but most still rely on their brokers to help price this risk instead of conducting their own financial analysis using stochastic modelling.

Aon would like to help more companies develop their own models to price this risk, according to John English, CEO, captive and insurance management, Aon, told Captive International, speaking at the annual Bermuda Captive Conference taking place this week.

A report by Aon on this topic, called ‘Creating Value for the Cyber Risk Agenda’, released this week, suggests that only 7 percent of companies perform their own modelling when setting premiums. This compares with 67 percent that rely on their brokers, 37 percent that use peer market benchmarking, 41 percent that use experience and intuition and 22 percent that use qualitative risk assessment.

“Despite the sharp untick in the number of companies using their captives for cyber risk, the majority are using their broker or following the wider market to establish pricing. We would like to help them price that risk more accurately themselves,” English said.

The report showed that the volume of captive premium growth for cyber has accelerated in the past year by 263 percent, this increase reflecting the increased capital investment in digital transformation and more financially material cyber security incidents, the report suggests.

English said that this growth has been happening for the past two or three years in the space and is also indicative of a trend of captive owners looking to transfer many more types of risk that are not easily covered by traditional insurance.

The report showed that the biggest sector using captives to manage cyber risk is the healthcare sector (19 percent of all captives assessed are in this sector) followed by energy (15 percent), financial institutions, life sciences and food and beverage (all 7 percent).

Bermuda, Aon, John English, Cyber

Captive International