With 2017’s record-high number of cyber-security complaints in Asia, businesses in the region are increasingly looking for cyber cover in the insurance market.
Last year AIG reported an 87% rise in Asia cyber insurance requests, in line with the 95% growth in policy count and 80% increase in premium we saw in JLT’s Asia book.
The JLT regional survey found that the greatest uptake in policies came from the telco, technology and IT sector (25%) where well documented losses, like the Malaysian data breach, drove sector awareness.
Asian buyers of cyber insurance are still overwhelmingly from industries that hold significant amounts of personal data, including the hospitality (20%) and financial (19%) sectors. However as almost all organisations re-gear their businesses to harness technology, traditional analogue industries such as the property, construction and engineering sectors have started to buy cover.
The chart below shows the percentage of cyber buyers by sector based on JLT’s Asia book:
Asian businesses are still comparatively slow in taking up cyber insurance. Compared to 66% of companies in the United States, only about 20% of companies in Asia are insured against cyber-attacks, according to FM Global’s Vice-President of Cyber Risk Insurance Products, Grace Ries. Coming off this relatively low base experts expect to see explosive annual growth in the region with total premiums estimated to be valued at USD 50 million today and forecasted to grow 10-fold by 2025 to USD 500 million.
Findings from our survey backed up this trend with average limits increasing by 5%, to circa USD 5 million, and average premiums up 4%. 90% of our clients with limits over USD 5 million now purchase business interruption cover as they realise that much of their day-today business operations are reliant on potentially vulnerable IT infrastructure and interconnectivity issues. Despite insurers writing considerably more business interruption cover they remain cautious around retention thresholds and we saw no meaningful reduction in both the monetary and waiting time retentions for business interruption cover.
The survey found that 80% of 2017 policies were “stand-alone” cyber with the outstanding 20% coming from blended cyber and professional indemnity policies. This trend towards “stand alone” cyber purchases is something we have seen develop over the past few years. For businesses that have tied in cover with a professional indemnity policy, this is now proving to be a short-term solution as limits could be easily eroded if a serious cyber event was to occur, and coverage cannot be expected to be as broad as a standalone cyber insurance policy.
We expect cyber uptake to further increase in 2018 as new regulatory changes in the region, specifically in Singapore, China, and the Philippines, plus the extra territorial reach of the EU GDPR increase the liability risk landscape companies operate in while business interruption risks only continue to grow.
Download Cyber Decoder Newsletter
For further information, please contact Sarah Stephens, Head of Cyber, Content and New Technology Risks on firstname.lastname@example.org