Pre-acquisition, JLT Asia put together a regional survey on the latest Cyber buying trends across Asia in January 2019. 2018 saw cyber security issues dominating headlines across Asia and a continued uptake in cyber insurance, with a 50% increase in JLT Asia’s policy count and a 70% increase in the total premium placed in the insurance market. Below are the key cyber buying trends of 2018 noted in our regional survey, plus our predictions for 2019:
Cyber Insurance by Industry
Our survey found that Asian buyers of cyber insurance, consistent with the global market, are overwhelmingly in industries that rely heavily on technology and/or hold significant amounts of personal data. The technology and telecommunications sector made up 30% of our book over the past year; while financial institutions represented 20%.
In addition, their reliance on operational technology (OT) exposes them to greater risk of business interruption from nonphysical damage risks.
Despite the sensitive information risk, the healthcare sector continues to only see a modest uptake in cyber insurance (3% of the book). However, the various high profile data breaches that caused significant financial impact within the Singaporean health sector in late 2018 may prompt a change of heart in 2019.
Limits and Cover
During 2018, average limits increased from US$6 million (2017) to US$8 million, while average premiums have increased by 20% year on year. This increase in limits and premium reflects a growing awareness of the product and its key role in protecting company balance sheets, as claims become increasingly frequent and severe.
Last year there was also a noticeable increase in companies purchasing non-physical damage business interruption cover prompted by all the cyber-attack publicity. Asian businesses continually stress that business interruption cover is a greater selling point of cyber insurance than data liability cover.
According to the survey, 72% of our clients bought business interruption (BI) extensions in 2018, compared with just 62% in 2017. However, despite this increased uptake, insurers remain cautious about retention thresholds and there wasn’t a substantial reduction in either monetary or waiting time retentions for BI cover.
We saw a steady increase in the number of claims present on our books in 2018, with the top three claims triggers being ransomware, privacy breach and network security breach. 40% of claim notifications came from Hong Kong in Asia and notifications were made under 12% of our policies.
We expect cyber uptake to continue to grow in the midst of new regulatory changes within the region, specifically in Singapore, China and the Philippines. The extra territorial reach of the EU’s General Data Protection Regulation (GDPR) is also increasing the liability risk landscape, with business interruption being the most prominent concern.
In an attempt to address the unexpected silent cyber losses within the insurance market, we’re starting to see more and more insurers looking to impose cyber "clarifications" under other insurance lines including; Property and Casualty (P/C), Professional Indemnity (PI) and Directors and Officers (D&O) Liability.
These moves need to be carefully evaluated, as the potential implications for such a new risk area cannot be fully understood.