S&P projects cyber insurance premiums to hit $23bn by 2026

Posted on | Posted on Admin

S&P Global Ratings, a provider of credit ratings, research, and analytics, maintains a stable outlook on the global cyber insurance and reinsurance industry, supported by solid underwriting profitability in 2023 and 2024, with expectations for this trend to continue into 2025.

s&p-logo-newThe industry’s stability is further reinforced by substantial increases in cyber insurance rates and tighter terms and conditions on cyber policies, measures that were primarily implemented in 2021 and 2022.

According to S&P Global Ratings, the industry’s stability is crucial given the evolving threat landscape. A combination of stagnant or declining cyber rates alongside a sharp increase in underlying cyber claims could lead to a significant decline in profitability.

To maintain sustainable profitability, S&P Global Ratings emphasises the importance of the cyber re/insurance industry taking proactive steps between 2025 and 2026.

These include encouraging policyholders to strengthen their cybersecurity practices, clarifying policy wording, selectively adjusting rates, and carefully managing retentions and insurance limits. Such actions are viewed as vital for safeguarding long-term profitability and ensuring that capital grows in alignment with exposure.

S&P Global Ratings projects that annual cyber insurance premiums will reach approximately $23 billion by 2026, up from an estimated $14 billion at the close of 2023.

This represents a growth rate of 15-20% annually. The fastest growth is expected in the Asia-Pacific and Latin America regions, where cyber insurance markets are smaller and less mature compared to the United States and Europe.

As one of the fastest-growing subsectors in the global insurance market, cyber insurance is positioned as a key area of focus, with a critical need to develop a sustainable model that meets rising demand and addresses the rapidly evolving risk environment.

Over the past two years, new entrants, including re/insurers and managing general agents (MGAs), have increased competition and capacity within the cyber insurance market, particularly in the US After years of rising premiums and capacity constraints, the most recent cyber insurance renewals have seen softening conditions, leading to a slowdown in growth expectations.

This increased competition has contributed to lower retention rates and premiums, as well as a relaxation of sub-limit requirements for policyholders.

S&P Global Ratings will continue to monitor these developments closely, particularly the potential impact on capital, earnings, and risk exposure assessments of insurers and reinsurers involved in cyber re/insurance. The firm will assess whether these changes result in a reduction of margins that could affect the financial stability of the sector.

“Cyber insurers will help guide policyholder refinements to their cyber security frameworks over the next two years, while ensuring concise policy wording and pursuing selective rate-adjustments to preserve adequate margins,” added S&P Global Ratings analyst Manuel Adam.

AI is significantly accelerating the automation of cyberattacks, particularly in the realms of personalized phishing and email extortion.

These attacks can now be efficiently translated into multiple languages, enabling cybercriminals to target numerous regions with greater scale and effectiveness.

Similarly, Ransomware-as-a-Service (RaaS), in which criminals deploy prebuilt ransomware tools, is expected to increase with the help of AI. This will likely lead to a rise in cybercrime as new markets become more accessible and financially appealing to attackers.

S&P Global Ratings anticipates that understanding AI’s impact on cyber insurance will become a primary focus for the industry over the next two years.

The threat landscape is expected to remain in constant flux, influenced by a continuous struggle between attackers exploiting vulnerabilities and defenders working to close them. This ongoing dynamic will play a significant role in shaping claims development, loss ratios, and the industry’s response to adopting AI tools for more accurate risk evaluation and pricing.

While the insurance industry has improved its understanding and pricing of everyday cyber losses that businesses face, the modelling of systemic risks and the potential for catastrophic cyber events continues to be a major obstacle.

Large-scale cyber incidents, such as coordinated ransomware attacks or widespread malware infections, have the potential to impact multiple businesses simultaneously.

In 2024, shifting privacy regulations added a layer of legal uncertainty, contributing to an uptick in cyber claims. According to Allianz’s commercial claims analysis, the frequency of large cyber claims increased by 14% in the first half of 2024, with claim sizes rising by 17%.

Additionally, ransomware attacks have become more sophisticated, leading to more frequent cases of business interruption and extortion. Allianz’s data also noted the CrowdStrike outage, caused by a faulty software update, which affected millions of systems across multiple industries and underscored the risks in software supply chains.

S&P Global Ratings is closely monitoring how insurers are managing accumulation risks, particularly in the cyber insurance market. The firm believes that rapid, unchecked expansion into this market, without implementing strong risk management controls, could harm an insurer’s risk exposure, capital strength, and overall earnings stability.

The post S&P projects cyber insurance premiums to hit $23bn by 2026 appeared first on ReinsuranceNe.ws.

Leave a Reply

Your email address will not be published. Required fields are marked *