OECD STUDY ON SUPPORTING AN EFFECTIVE CYBER INSURANCE MARKET Leigh - - PowerPoint PPT Presentation
OECD STUDY ON SUPPORTING AN EFFECTIVE CYBER INSURANCE MARKET Leigh Wolfrom, Policy Analyst, Directorate for Financial and Enterprise Affairs, OECD OECD Expert Workshop on Improving the Measurement of Digital Security Incidents and Risk Management
Leigh Wolfrom, Policy Analyst, Directorate for Financial and Enterprise Affairs, OECD OECD Expert Workshop on Improving the Measurement of Digital Security Incidents and Risk Management 12-13 May 2017 Swiss Re Centre for Global Dialogue
2
3
4
5 10 15 20 25 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 2025 Premiums (USD billion) Europe United States Global
Source: The premium data for Europe and the United States for 2012 to 2015 is from Advisen, reported in Eling and Wirfs, 2016. The 2016 figure for the United States is the mid-point of estimates by PwC, 2015b; Betterley, 2015; Marsh, 2016b. The 2016 figure for Europe is the mid-point for estimates by Thomas and Finkle, 2014; Marsh, 2016b. The projections for the global market are from PwC, 2015b (US, 2018); Insurance Information Institute, 2015 (Europe, 2018); the mid-point of Allianz, Advisen, PwC and ABI as reported in Swiss Re, 2017b (global, 2020) and Allianz as reported in Swiss Re, 2017b (global, 2025). Other years were calculated based on the compound annual growth rate between two projections.
5
6 0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% 70.0% 80.0% 90.0% 100.0% Incident response costs Regulatory and legal defense costs Fines and penalties Breach of privacy compensation Data and software loss Business interruption Communication and media liability Network security failure liability Cyber ransom and extortion Financial theft and fraud Reputational damage Intellectual property theft Physical asset damage Bodily injury RMS/CCRS review OECD review
Source: “OECD review" includes: (i) eight policies provided or described in the context of the OECD's survey questionnaire (SHA and Hollard from South Africa; QBE Europe and CFC Underwriting from the United Kingdom; Munich Re (Corporate Solutions) from Germany; General Re from the United States; Zurich Insurance from Switzerland; and Delta Insurance from New Zealand); and (ii) publicly available information on fifteen policies provided by insurance companies, brokers and other related providers (CNA Insurance, QBE North America, AIG , Chubb, ISO, Tokio Marine HCC and XL Catlin from the United States; Tokio Marine Kiln, Marsh, Hiscox and Beazley from the United Kingdom; Hiscox from France; Allianz Global Corporate and Specialty from Germany; and Swiss Re (Corporate Solutions) from Switzerland). "CCRS/RMS review" is from Risk Management Solutions, Inc. and Cambridge Centre for Risk Studies (2016) and included 26 stand-alone policies. In the case of both the OECD review and the CCRS/RMS review, many (but not all) of the policies are those that are made available on a global basis.
7
277 171 2.5 Property (Residential & Commercial) General Liability Cyber 50 100 150 200 250 300 Estimated Gross Written Premiums in OECD countries (2015, USD billion) 55% 36% 30% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% US UK Germany Share of companies that have cyber insurance
Source: Estimates for general liability and property are from OECD Insurance Statistics (2017). The estimate for cyber is based on PwC, 2015b; Betterley, 2015; Marsh, 2016b Source: Hiscox (2017). The question asked was: “Do you currently have cyber insurance”
8
59% 15%
0% 10% 20% 30% 40% 50% 60% 70% PP&E Information Assets Share of potential loss covered by insurance 500 34 100 200 300 400 500 600 Property limit Cyber limit Typical insurance limits purchased by a US company with USD 5 billion in revenues (USD millions)
Source: Ponemon Institute, 2017 Source: Lathrop, A. (2016), "Does traditional coverage apply when cyber attacks cause physical damage?", Property Casualty 360°, 29 December.
9
20 40 60 80 100 120 140 2013 Q1 2013 Q2 2013 Q3 2013 Q4 2014 Q1 2014 Q2 2014 Q3 2014 Q4 2015 Q1 2015 Q2 2015 Q3 2015 Q4 Cyber-Insurance Price Index Commercial P&C Index
Source: Marsh (2014a, 2015c, 2016a) (2012=100); Council of Insurance Agents and Brokers (2013, 2014, 2015b, 2016b) (2012 Q4=100). Source: JLT Re
10
11
12