Buyers are underspending, brokers are overwhelmed, and legal threats are rising
Premium reductions, stable pricing, and ample reinsurance capacity have created what many brokers might call an ideal market. But beneath those surface-level conditions, the cyber insurance sector is showing signs of disconnection between buyer behavior and the actual risk environment.
“Certainly, the market is holistically in a good place,” said Joseph Cook (pictured), insurance consultant and practice group leader for technology and cyber at The Arizona Group. “There’s plenty of reinsurance capacity, the pricing is neutral, or, even in some cases, holistically saw a premium reduction on a year-over-year basis.”
However, not all clients are adjusting accordingly. Cook warned that some businesses continue to underinsure, buy inferior products, or approach cyber coverage as a low-risk procurement.
“We still see people buying what we would consider to be too low of limit for their hazard grade. We still see people buying vastly inferior products. We still see people taking odd approaches to their overall procurement strategy,” he said. “We looked at a $60 million revenue casino last month that had a $1,000 deductible on their cyber policy. That just doesn’t seem to track for an organization of that size and scope.”
Soft market drives submissions, strains distribution
With the market loosening, capacity up to $3 million is available with limited underwriting across most sectors. “You can go from maybe three to five million in capacity with an individual carrier with just a little bit of additional underwriting,” Cook said. “Anything over five million, you’re going to hit a little bit more of an underwriting wall.”
He noted a rise in demand among previously underinsured industries, including construction, retail, and wholesale distribution. “Take-up rate seems to be higher in segments that historically have had lower take-up rates,” he said.
Contractual obligations are also shifting procurement behavior. “MSAs and contractual provisions are more often demanding cyber, and more often demanding higher limits than they previously were,” Cook said.
Yet as demand grows, the soft conditions are putting strain on the retail-to-wholesale pipeline. Increased submission volume is causing delays among managing general agents (MGAs) and wholesalers. “You see some bottlenecks with the wholesale providers or the MGAs that us retailers use to access cover,” Cook said.
More opportunity – but also more scrutiny
For brokers, the moment presents both risk and reward. Cook sees a clear opportunity for retail and wholesale firms to expand their cyber book – if they can deepen their expertise.
“If this is a line that you can be competent in, there is certainly enough activity to make some real growth,” he said.
That same pressure now applies to carriers. “As more brokers become more competent, the understanding of what is a quality product and what is not becomes clearer right across the marketplace. Carriers need to make sure that their product is quality,” Cook said.
He also advised clients to use current market conditions to their advantage. “A soft market is a great time to consider additional limit and more advantageous terms and conditions,” he said.
Non-admitted products prove more agile – but require caution
Asked whether the insurance sector is keeping pace with the speed of cyber risk, Cook pointed to the distinction between admitted and non-admitted policies. He argued that the flexibility of non-admitted carriers has become essential.
“Non-admitted carriers right now have a much better chance of keeping up with the ever-evolving landscape of cyberattack vectors and risk exposure because they are not constrained by regulation in the same way that admitted products are,” he said.
Cook noted that regulatory delays can leave admitted products outdated by the time they’re approved. “By the time you were able to push through a refiled product through AZ DIFI, that vector could have disappeared or changed.”
But that flexibility also raises the bar for brokers. “You do need a confident broker to understand good product versus bad product,” he said.
Cook also flagged the role of representations and warranties clauses in policies, which can affect how misstatements during the application process are handled at claim time. He praised wordings that create a strong threshold for denial.
“Unless we can prove that the business information was reckless or deliberate on your part, we will not seek to deny your claim,” he said, paraphrasing best-in-class wording. That standard, he explained, helps guard against unintentional missteps in a fast-changing risk landscape.
Litigation threat looms for directors and officers
While regulatory fragmentation remains a challenge – the US has no national data privacy law akin to the EU’s GDPR – Cook identified a more immediate threat: personal liability for directors and officers.
“I’ve been waiting on this shoe to drop for years,” he said. “At some point, a director, or officer, or a board… will be held liable for a lack of duty of care within their role… for either not purchasing cyber or not purchasing enough.”
When that precedent is set, Cook expects a wave of class action litigation to follow. “That is going to be a feeding frenzy for class action lawsuits and it’ll be an area that will sorely need tort reform – and as you probably know, this country is not famous for making tort reform occur when and when it should.”
In the meantime, he urged companies to stop treating cyber as a discretionary line item. “This is enterprise risk,” he said. “This is no longer some sort of adjacent, maybe-we-do, maybe-we-don’t conversation. Boy, you do not want to be that precedent case.”
Related Stories
LATEST NEWS
