Are Cyber Insurers Ready For The Big One?

If you could take all the angst that companies periodically feel about cyber attacks and bottle it, you would have what the cyber insurance carriers are now having to deal with all the time, without knowing quite what it amounts to. Up to now the industry as a whole has escaped a major hit, in part by using every argument they can to deny coverage and partly because their liabilities, although substantial, have been manageable under the conventional paradigm. But according to this article by Bloomberg writer Oliver Suess, that may be about to change. He quotes the chief innovation officer at one underwriter, who says that it would take only “a combination of WannaCry’s wide reach and Petya’s destructive force to cost cyber insurers something like $2.5 billion, or a full year of gross premium income in the market.” Another industry commentator, however, is quoted as saying that, yes, some big claims are no doubt coming, but the market will be able to absorb them (although his hypothetical meta-cyber attack is $1 billion, not $2.5.) Regulators are said to be concerned, and one of them – the U.K.’s Prudential Regulation Authority – said it expected carriers “to introduce measures that reduce the unintended exposure to this risk.”