The fourth quarter of 2021 shows signs of limited relief for some insureds as rate increases appear to be slowing down for select insureds. However, cyber liability continues to face increasing premiums, underwriting standards, and retentions all while capacity decreases.
The cyber insurance market continued to harden through Q3 and will continue through Q4. Premiums, underwriting standards, and retentions continue to increase while capacity and, in some cases, coverage scope decrease.
Rates have continued to increase, with average premium changes exceeding 100% in many cases. This significant premium increase is likely to become more common in the fourth quarter of 2021. Increases in minimum premiums will affect many small and middle-market buyers, while increasing excess rates will affect buyers with towers of coverage, resulting in above-average year-over-year rate changes.
While no industries are immune to these market conditions, some entities will experience particularly difficult market conditions, such as manufacturers, public entities, and technology providers.
Underwriting standards also continue to increase. Insurers continue to focus on foundational security such as multi-factor authentication (MFA) for remote access, privileged access, access to remote desktop protocol (RDP) and backups, employee training, email security, conservative granting of local administrative rights, and backup procedures and standards. The demand for endpoint detection and response (EDR) tools and security operations centers (SOC), which were once only expected for very large applications, has moved into the middle sector. Insurers are also focusing on end-of-support software, with some insurers moving to exclude any losses that involve this legacy software.
Insurers have become stricter with the timing of these controls. In the first and second quarters of 2021, insurers commonly accepted controls being implemented 30-90 days after binding. Currently, many insurers are demanding that all controls be in place by the time of binding, with some requiring all controls in place at the time of quoting and some requiring controls to be in place for 90 days before quoting.
The Squeeze on Capacity
Capacity is becoming more scarce. For most of 2021, insurers have attempted to limit losses by decreasing the maximum limit offered to any single risk. Historically, insurers would offer $10 million limits liberally. Today, most insurers will not offer more than $5 million. In many cases, this doubles the number of insurers involved in a program, which requires additional underwriting time and may result in higher premiums.
The fourth quarter also may bring additional pressures due to capacity limitations in the London market, where syndicates are capped on the amount of business they may write in a calendar year. This additional market shrink may reduce competition for some buyers, negatively impacting renewals.
New Restriction On Coverage
Insurers are becoming more willing to restrict coverage, with ransomware events being the most affected area of coverage. Sub-limits, co-insurance, and even ransomware exclusions are becoming more common. While some insurers are implementing this as a broad strategy, well-protected firms are still likely to maintain their quality of coverage, albeit with higher premiums and retentions. The application of sub-limits, co-insurance, or ransomware exclusions is being targeted at buyers who lack best-in-class controls. Other insurers are looking to limit coverage for systemic events, such as what happened with Solar Winds, Microsoft Exchange, or Kaseya, or insurers may limit coverage for unpatched software vulnerabilities.
Fourth Quarter Trends Across Property & Casualty
Read our full State of the Market Trends in the Fourth Quarter of 2021 report for notable updates in the marketplace.
Dive deeper on any topic with our team to better understand how these trends may impact your business. Fill out the form below to continue the conversation.
This document is provided for general information purposes only and is not intended to, nor should it be considered as, providing any legal or tax advice or legal or tax opinions relating to any specific topic, facts, or circumstances. Readers are directed to consult their legal counsel and tax advisor concerning any legal or tax questions that may arise.
Interested in learning more? Connect with us today: