Just: [00:00:22] Hello everyone and welcome to the latest edition of Insurance Business TV. Jen Frost, News Editor, Insurance Business. Today we’re going to be delving into cyber market trends with Steve Robinson, national cyber practice leader at Risk Placement Services. RPS was this year named a five star cyber insurer by insurance business and Steve will be sharing his insights on the state of the cyber market into 2022 and beyond. So this should be a great episode today. Steve, welcome to the show.
Steve: [00:00:54] Oh, thanks for having me, Jen. It’s good to be here.
Just: [00:00:56] It’s great to have you with us today. How would ransomware attacks evolve over the past 12 to 18 months?
Steve: [00:01:04] It’s an interesting question and one that I would say the most interest could probably be consolidated in the last six months. 18 months ago, we were still in that phase of extremely high frequency, high severity ransomware attacks that it wasn’t uncommon to receive notice of 11a day or more at times. More recently, we’ve thankfully witnessed a decline in frequency, particularly, like I said, over the last six months or so. Other things that we’re noting are the threat. Actor groups are often smaller, sometimes less experienced. They’re implementing ransomware as a service model, oftentimes. So typically not uncommon to see these groups that have less experience, that are just pulling this type of service from the Web, executing it. And that can have difficulties in a claim in terms of getting data back. The threat actors ability to be able to even do that. And we’re also seeing smaller demands contrasted against what we saw largely in 20 and 21. So all of this, I think, is encouraging. How permanent that is remains to be seen. But that’s been the trend more recently.
Just: [00:02:14] Of the ransomware claim frequency fell into the beginning of 2022. Why might this be? And is this a trend that’s set to continue?
Steve: [00:02:23] Right. I think the answer to that, there’s a lot of different potential answers to that kind of all coming together at the same time that’s creating what we’re seeing in terms of the lower frequency. Number one, I think there’s certainly been a heightened sense of awareness via news channels in the federal government focused on these types of attacks. I think the large event that took place last summer in the Colonial Pipeline from everything under my understanding, the threat actors did not mean for that to get the kind of attention that it did. And I think we’re in a little bit over their head when it comes to that. And so I think that increased scrutiny and news focus from the federal government is certainly playing into this. Also, I don’t want to underestimate the value that I believe the insurance industry has had in increasing the requirements to even qualify for cybersecurity insurance in the first place. And so if you win the clock back a couple of years ago, you know, insurers weren’t asking a lot of questions. They were willing to put up a lot of capacity. And as a result, we had, I think, a lot of insurance limits that were out there and fully exposed that were really well underwritten. What we’ve had now is things like MFA is among the best deterrents to prevent ransomware attacks. It’s not an acronym that’s unknown to everyone, as it was a couple of years ago. It’s becoming much more commonplace. Things like endpoint detection and response really secure, segmented and backup procedures have been implemented much more widely. So I think it’s the insurance community has had a great role in that and I think small businesses and medium-sized businesses alike have really stepped up their game. All of those things are contributing and we’ll probably talk a little bit about the war in Ukraine and what that impact that maybe has or hasn’t had in this too. But I think it certainly does play a role. Is it set to continue? That’s the million dollar question, right? My belief personally is as long as these attacks are still anonymous and lucrative, they’re going to continue. So I don’t see that going away anytime soon. I think it’s just changing something. The targets are sometimes getting smaller. They’re trying to stay under the radar with lower demands. So all of those things, I think, together contributing to what we’re seeing in terms of that reduction or recently.
Just: [00:04:42] Rates appear to have begun flattening for some insurers into the first quarter of this year. Does this herald a step change for cyber, and can we be looking at a softening market?
Steve: [00:04:52] I would hesitate to call it a softening market at this point. I think it’s a little early for that. Rather, what we’re seeing is a much less drastic swing. And when it comes to increases in many cases, I think that would have been unsustainable had the increases that we saw in last year in 2021 continued at the rate there were going because as we know, we were seeing them very frequently exceed well over 100 % rate increase. I think that was a necessary correction of the market. I think what we’re still seeing in terms of not only pricing but underwriting is a continued necessary correction in the market. It’s a maturing product. And so for the most renewal, recent renewal cycle, we are definitely still seeing increases. Double digit increases is the norm not uncommon to see them starting at the bottom around 20 to 25% and still going sometimes well into six figure increase percentages just depending on the market, but not as much as we were and not the drastic nature that we were seeing this time last year. So I see that as encouragement and a sign of a market that is certainly maturing more. It’s interesting when I talk with agents and they ask about predictability and I said, well, what’s interesting is the more common perils that we’re used to insuring wind, water, fire, theft. These are things that have been happening for hundreds of years. Right. And we’ve got data from which we can extrapolate and build underwriting models and build actuarial tables into cyber, unlike them, is changing literally every day. The threat itself and the very nature of it changes on a daily, weekly, monthly basis. And so as such, it’s a very dynamic coverage that needs to go alongside it and the underwriting changes as well.
Just: [00:06:38] Thanks, Steve. Can you talk about how July renewals have gone? Have there been any challenges for the market?
Steve: [00:06:46] Yes. Market challenges, I would say, certainly. Well, we’ve experienced some capacity challenges. As we know in the last year. Some players have gotten out can be a little more difficult when building large towers for some of the larger risks that we ensure. I would say one of the biggest challenges is just information inundation. So you’ve got this juxtaposition of tons of more information that’s needed from underwriters. You have the brokerage community that is still largely staffed according to yesterday’s requirements. Right. And so you take a huge increase in the amount of information that’s required, the amount of back and forth with the insurers and frankly, a staffing pool that it’s difficult to find good talent as such. We’ve seen a ton of churn within the underwriting and brokerage community. It got so bad. In fact, thankfully, RPS has an experience this nearly to the levels that a lot of others have. It got so bad that we started a campaign on LinkedIn that said, I’m staying. And we highlighted the fact that our long-tenured employees have chosen to continue their careers at RPS. But those that create a lot of disruption in the market with respect to getting deals done. Having that depth and breadth of knowledge that we need from an underwriter perspective as well, and that can translate right on down to the insured as well.
Just: [00:08:09] Do you have any top tips for brokers on supporting clients of the evolving cyber threat?
Steve: [00:08:14] Oh, sure. I would say now that we’re past seven, to use this as an opportunity to take a little bit of a breath and really start making plans for the coming year, 11 months out, right. With your clients, review their cyber applications, the ransomware supplement, supplemental applications that you receive in this most recent renewal cycle and engage with the insurer and talk about where you see deficiencies. That doesn’t mean you have to be an expert. You can certainly partner with a firm like RPS that does have those types of experts on the underwriting side. But but largely wherever you see answers on those apps that are not favorable. Have a discussion with your clients and talk about what is the plan for remedying these types of things. I know they typically are obviously going to involve a commitment of resources, both in investment of money and staffing in order to change those things. But they really need to be changed. It’s in everyone’s best interest. It’s in the interest of the client for them to prevent these claims from happening in the future. And it also is just going to create a more insurable client for them. And the more options they have, the better chances they are going to have better terms and conditions and pricing and things like that for the next renewal. So that would be one thing is really actively engaged in those discussions now as opposed to a month before renewal. Oh my gosh, you need an MFA, you don’t have it in place. And they’re thinking, I can’t afford this. I haven’t had enough time to think about it. We know now we’ve had a good year behind us of these increased requirements for insurance. Let’s engage deeper in that with our clients and have those conversations to see how much better we can become in the next year. And I think it also provides a great opportunity for agents to add value through discussions like that, as opposed to just, here’s your application, fill it out, let me see what I can get. So that would be that would certainly be one thing. And I would say also. Again working with someone who really gets it. What we’re witnessing in is a lot of insurers are putting new exclusions in policies that are going to address things that they should address, things like systemic risk, things like critical vulnerability exclusions that the average insurance agent who might be a generalist will not have any knowledge of. And so unless you’re working in this policy language from multiple different carriers on a daily basis, that can be an exposure for your agency if that’s the case. So I would just again, encourage the partnership with specialized partners who do this on a daily basis, and that will go a long way in creating more value for your clients.
Just: [00:10:42] Well, that seems like a great point to wrap up on today, Steve. Thanks so much for joining us. It’s been great having you on the show.
Steve: [00:10:51] My pleasure. Thank you.
Just: [00:10:53] Thanks, Steve. Thank you. Also to you, our viewers, we couldn’t do it without you. Don’t forget to check out more of our podcasts, videos and Daily News at www.insurancebusinessmag.com/US. I’m Jen Frost, News Editor, Insurance Business.