In Partnership with
Is cyber at an inflection point?
With lowering premiums and increased capacity, the cyber insurance market is much more stable than in previous years. However, experts caution against complacency in this highly dynamic space
Jacob Ingerslev
Tokio Marine HCC
– Cyber & Professional Lines Group
Industry experts
David Anderson,
Woodruff Sawyer
John Farley
Gallagher
Shiraz Saeed
Arch Insurance
Jacob Ingerslev is responsible for the open market cyber & tech E&O underwriting team and products at Tokio Marine HCC – Cyber & Professional Lines Group. Ingerslev has over 20 years’ experience in a wide range of underwriting disciplines across the US, European, and Lloyd’s insurance markets. He most recently worked at The Hartford where he was chief underwriting officer for the cyber risk and technology E&O business. Prior to this, Ingerslev was head of US technology E&O, cyber and media liability at CNA.
Tokio Marine HCC – Cyber & Professional Lines Group
Jacob Ingerslev
David Anderson is Woodruff Sawyer’s vice president of cyber based in New York, NY. For over 11 years, Anderson has been a dedicated and fierce advocate for his clients, focusing on complex cyber, privacy, technology, and professional liability issues. With extensive experience in risk assessment, pre-breach network security risk discovery and management, as well as hands-on post-incident client support and claims advocacy, Anderson is committed to helping his clients navigate a complex and ever-changing cyber and professional liability insurance marketplace to ensure they achieve market-leading coverage terms and conditions at the best possible premium.
Woodruff Sawyer
David Anderson
John Farley leads Gallagher's cyber practice in the US and works closely with our teams across the world in our global cyber practice. He provides thought leadership on a variety of cyber risk management best practices. Farley assists clients across all industries in navigating the dynamic cyber insurance markets as a means to cyber risk transfer while providing guidance on emerging regulatory risk, cyberattack techniques, cyber risk prevention, and data breach cost mitigation strategies.
Gallagher
John Farley
Shiraz Saeed leads the cyber risk product for Arch Insurance Group. Saeed is responsible for the strategic direction for the underwriting, distribution, and marketing of the cyber risk products and services offered by Arch. He also leads the technology and telecommunications industry practice vertical. Saeed joined Arch in 2021 and has been in the cyber risk industry for over 10 years. Prior to joining Arch, Saeed had obtained a BA in finance from Hofstra University and an MBA in strategic management from Pace University. He started his tenure in the insurance industry within the professional liability division of American International Group (AIG) and quickly progressed to be part of the cyber risk product team responsible for the east coast territory. Most recently, Saeed was the practice leader for cyber risk at Starr Global Insurance, where he oversaw the strategic direction for their cyber risk products and services. With his extensive experience, he is able to help stakeholders both internally and externally better understand the complexity of cyber risk, while also working with them to create solutions to help manage it.
Arch Insurance
Shiraz Saeed
Michael Phillips is cyber practice leader, USA at CFC, the specialist insurance provider, pioneer in emerging risk, and market leader in cyber. Phillips also serves as co-chair of the ransomware task force convened by the Institute for Security & Technology. An experienced lawyer and underwriter focused on cyber risk, his tech and legal writing has been published by The New Yorker, BuzzFeed, and Bloomberg.
CFC
Michael Phillips
“For us, it’s [about] continuing to perfect the monitoring and alerting piece. Threat actors are getting very fast with automation tools, which means we have to be faster”
Jacob Ingerslev,
Tokio Marine HCC – Cyber & Professional Lines Group
The cyber insurance market is softening in 2024, but not without some challenges.
Ransomware attacks are on the rise, and underwriters are becoming more selective about the risks they cover.
Some of the industry’s top experts gathered for a roundtable hosted by Insurance Business to delve into developments in the cyber market.
According to John Farley, managing director of Gallagher’s cyber liability practice, recent months have shown a continuation of the softening conditions seen in 2023. But he believes the market will come to an inflection point.
“Underwriters are surgically addressing the risks they don’t want to cover. We are seeing a shift in appetite in how underwriters want to deal with those risks, which requires more due diligence around finding coverage for your clients’ risks”
David Anderson,
Woodruff Sawyer
“We are seeing much more stabilization on primary layers and in the SME space,” Anderson said. “Underwriters are surgically addressing the risks they don’t want to cover. We are seeing a shift in appetite in how underwriters want to deal with those risks, which requires more due diligence around finding coverage for your clients’ risks.”
Competition among carriers is heating up after a flurry of new entrants in recent years. But Shiraz Saeed, vice president – cyber risk product leader at Arch Insurance, noted that while there’s ample capacity within the market, there are varying levels of competition across different segments.
In the small to medium-sized enterprise (SME) sector, some established carriers are reassessing their pricing due to data insights from actuaries, which may lead to adjustments in premium rates. However, in the middle market and larger accounts, there appears to be excess capacity, leading to pressure on premium rates and a focus on market share over underwriting discipline.
“Carriers in the SME space for more than five years are having a sobriety moment,” Saeed said.
Michael Phillips, US cyber practice leader at CFC, meanwhile, praised the market’s discipline in the face of rising ransomware threats. But amid its growth, the market has missed a key opportunity: tapping into the small-business segment.
“There have been a lot of investments in digitizing the application and scanning processes, [as well as] efforts to create engagements between the broker and carrier communities in terms of quoting and binding portals,” said Saeed.
“Over the next couple of years, you’re going to see a lot of the fruits of that labor changing the underwriting process.”
“We’re seeing an increase in cyber claims, most notably from ransomware attacks in the supply chain,” said Farley. “At some point this year, I think we may hit an inflection point where those softening conditions may turn into a flat market or even a slightly increasing market in terms of rates.”
Jacob Ingerslev, SVP, underwriting, cyber & tech at Tokio Marine HCC – Cyber & Professional Lines Group, a member of the Tokio Marine HCC group of companies based in Houston, Texas, argued change is coming faster than we think.
“I think the slight hardening is coming faster,” he said, forecasting a shift in the second or third quarter of 2024. “There are already pockets where this is happening. Some industries are performing worse than others.”
“What frustrates me isn’t the competition itself, but we’re not increasing market penetration fast enough,” Phillips said. “Right now, there’s competition picking up accounts from one another.
“Cyber still is a product that almost all small businesses haven’t bought. It’s never been more necessary for them to enter the market and see the wonderful services and comprehensive solutions we can provide. We’ve got a lot of work to do to grow the whole pie.”
Cyber premiums are expected to continue trending downward, especially among large excess towers and higher layers of cyber programs.
David Anderson, vice president of cyber at Woodruff Sawyer, noted that corporate buyers continue to see pricing reductions of as much as 10 percent to 15 percent as competition tightens.
Read on
Data and analytics are crucial for managing cyber risk and improving underwriting processes. Some experts on the panel noted that technological advancements are helping drive more proactive approaches to cyber risk.
“The market’s growth is a good thing because there is an extraordinary cyber protection gap for small and mid-sized businesses, and even for large businesses,” Phillips said.
Saeed echoed this sentiment, highlighting a data and analytics “revolution” on the carrier side. He described a shift toward employing artificial intelligence (AI) and data analytics to streamline processes, reduce friction, and enhance efficiency in engaging with consumers and brokers.
“The biggest shift [in the industry] is that cyber insurers and brokers are moving to a more proactive model, combining comprehensive preventative services and risk management tools with the insurance product,” said Phillips. “There’s a real opportunity to be more proactive as a business partner to our clients.”
Farley noted that modeling tools are evolving to give clients better insight into the appropriate cyber insurance policy limits.
“[Clients ask,] ‘What’s a cyber attack going to cost me?’ We struggle with that answer, but the modelling tools are helping us get there. They’re not perfect, [but] they get better year over year as they get more claims data,” he said.
Tokio Marine HCC – Cyber & Professional Lines Group (CPLG) is the US marketing name used to describe the cyber and professional lines-related insurance operations of Tokio Marine HCC. Tokio Marine HCC is a member of the Tokio Marine Group, a premier global company founded in 1879 with a market capitalization of $46 billion as of September 30, 2023. Headquartered in Houston, Texas, Tokio Marine HCC is a leading specialty insurance group. Tokio Marine HCC’s major domestic insurance companies have financial strength ratings of A+ (Strong) from S&P Global Ratings, A++ (Superior) from AM Best, and AA- (Very strong) from Fitch Ratings. CPLG provides unique insurance solutions for clients all over the United States and is committed to driving the insurance industry forward with innovative products and programs in cyber liability, professional liability, and turnkey reinsurance. CPLG’s underwriting, risk management, and claims-handling experience has unparalleled expertise and the confidence to propel businesses forward.
Find out more
CFC is a specialist insurance provider, pioneer in emerging risk, and market leader in cyber. Our global insurance platform uses cutting-edge technology and data science to deliver smarter, faster underwriting and protect customers from today’s most critical business risks.
Headquartered in London with offices in New York, San Francisco, Austin, Brussels, and Brisbane, CFC has over 800 staff and is trusted by more than 100,000 businesses in 90 countries. Learn more at cfc.com and LinkedIn.
In Partnership with
Is cyber at an inflection point?
With lowering premiums and increased capacity, the cyber insurance market is much more stable than in previous years. However, experts caution against complacency in this highly dynamic space
Read on
Shiraz Saeed
Arch Insurance
John Farley
Gallagher
David Anderson
Woodruff Sawyer
Jacob Ingerslev
Tokio Marine HCC – Cyber & Professional Lines Group
Industry experts
Jacob Ingerslev is responsible for the open market cyber & tech E&O underwriting team and products at Tokio Marine HCC – Cyber & Professional Lines Group. Ingerslev has over 20 years’ experience in a wide range of underwriting disciplines across the US, European, and Lloyd’s insurance markets. He most recently worked at The Hartford where he was chief underwriting officer for the cyber risk and technology E&O business. Prior to this, Ingerslev was head of US technology E&O, cyber and media liability at CNA.
Tokio Marine HCC – Cyber & Professional Lines Group
Jacob Ingerslev
David Anderson is Woodruff Sawyer’s vice president of cyber based in New York, NY. For over 11 years, Anderson has been a dedicated and fierce advocate for his clients, focusing on complex cyber, privacy, technology, and professional liability issues. With extensive experience in risk assessment, pre-breach network security risk discovery and management, as well as hands-on post-incident client support and claims advocacy, Anderson is committed to helping his clients navigate a complex and ever-changing cyber and professional liability insurance marketplace to ensure they achieve market-leading coverage terms and conditions at the best possible premium.
Woodruff Sawyer
David Anderson
John Farley leads Gallagher's cyber practice in the US and works closely with our teams across the world in our global cyber practice. He provides thought leadership on a variety of cyber risk management best practices. Farley assists clients across all industries in navigating the dynamic cyber insurance markets as a means to cyber risk transfer while providing guidance on emerging regulatory risk, cyberattack techniques, cyber risk prevention, and data breach cost mitigation strategies.
Gallagher
John Farley
Shiraz Saeed leads the cyber risk product for Arch Insurance Group. Saeed is responsible for the strategic direction for the underwriting, distribution, and marketing of the cyber risk products and services offered by Arch. He also leads the technology and telecommunications industry practice vertical. Saeed joined Arch in 2021 and has been in the cyber risk industry for over 10 years. Prior to joining Arch, Saeed had obtained a BA in finance from Hofstra University and an MBA in strategic management from Pace University. He started his tenure in the insurance industry within the professional liability division of American International Group (AIG) and quickly progressed to be part of the cyber risk product team responsible for the east coast territory. Most recently, Saeed was the practice leader for cyber risk at Starr Global Insurance, where he oversaw the strategic direction for their cyber risk products and services. With his extensive experience, he is able to help stakeholders both internally and externally better understand the complexity of cyber risk, while also working with them to create solutions to help manage it.
Arch Insurance
Shiraz Saeed
In Partnership with
Is cyber at an inflection point?
With lowering premiums and increased capacity, the cyber insurance market is much more stable than in previous years. However, experts caution against complacency in this highly dynamic space
Read on
Shiraz Saeed
Arch Insurance
John Farley
Gallagher
David Anderson
Woodruff Sawyer
Jacob Ingerslev
Tokio Marine HCC
– Cyber & Professional Lines Group
Industry experts
Shiraz Saeed leads the cyber risk product for Arch Insurance Group. Saeed is responsible for the strategic direction for the underwriting, distribution, and marketing of the cyber risk products and services offered by Arch. He also leads the technology and telecommunications industry practice vertical. Saeed joined Arch in 2021 and has been in the cyber risk industry for over 10 years. Prior to joining Arch, Saeed had obtained a BA in finance from Hofstra University and an MBA in strategic management from Pace University. He started his tenure in the insurance industry within the professional liability division of American International Group (AIG) and quickly progressed to be part of the cyber risk product team responsible for the east coast territory. Most recently, Saeed was the practice leader for cyber risk at Starr Global Insurance, where he oversaw the strategic direction for their cyber risk products and services. With his extensive experience, he is able to help stakeholders both internally and externally better understand the complexity of cyber risk, while also working with them to create solutions to help manage it.
Arch Insurance
Shiraz Saeed
John Farley leads Gallagher's cyber practice in the US and works closely with our teams across the world in our global cyber practice. He provides thought leadership on a variety of cyber risk management best practices. Farley assists clients across all industries in navigating the dynamic cyber insurance markets as a means to cyber risk transfer while providing guidance on emerging regulatory risk, cyberattack techniques, cyber risk prevention, and data breach cost mitigation strategies.
Gallagher
John Farley
David Anderson is Woodruff Sawyer’s vice president of cyber based in New York, NY. For over 11 years, Anderson has been a dedicated and fierce advocate for his clients, focusing on complex cyber, privacy, technology, and professional liability issues. With extensive experience in risk assessment, pre-breach network security risk discovery and management, as well as hands-on post-incident client support and claims advocacy, Anderson is committed to helping his clients navigate a complex and ever-changing cyber and professional liability insurance marketplace to ensure they achieve market-leading coverage terms and conditions at the best possible premium.
Woodruff Sawyer
Timothy J. Hall
Jacob Ingerslev is responsible for the open market cyber & tech E&O underwriting team and products at Tokio Marine HCC – Cyber & Professional Lines Group. Ingerslev has over 20 years’ experience in a wide range of underwriting disciplines across the US, European, and Lloyd’s insurance markets. He most recently worked at The Hartford where he was chief underwriting officer for the cyber risk and technology E&O business. Prior to this, Ingerslev was head of US technology E&O, cyber and media liability at CNA.
Tokio Marine HCC
– Cyber & Professional Lines Group
Jacob Ingerslev
Share
Share
Share
Lowering rates, rising competition – what’s happening in cyber?
Published May 20, 2024
Contact Us
Specialty
Best in Insurance
Resources
Risk Management
TV
News
US
Copyright © 2024 KM Business Information US, Inc
RSS
Sitemap
Contact us
About us
Conditions of Use
Privacy policy
Terms & conditions
People
Contact Us
Specialty
Best in Insurance
Resources
Risk Management
TV
News
US
Copyright © 2024 KM Business Information US, Inc
RSS
Sitemap
Contact us
About us
Conditions of Use
Privacy policy
Terms & conditions
People
Contact Us
Specialty
Best in Insurance
Resources
Risk Management
TV
News
US
Copyright © 2024 KM Business Information US, Inc
RSS
Sitemap
Contact us
About us
Conditions of Use
Privacy policy
Terms & conditions
People
Michael Phillips
CFC
Michael Phillips
CFC
Michael Phillips is cyber practice leader, USA at CFC, the specialist insurance provider, pioneer in emerging risk, and market leader in cyber. Phillips also serves as co-chair of the ransomware task force convened by the Institute for Security & Technology. An experienced lawyer and underwriter focused on cyber risk, his tech and legal writing has been published by The New Yorker, BuzzFeed, and Bloomberg.
CFC
Michael Phillips
Arch Insurance is a market-leading insurer, providing a wide range of property, casualty, and specialty insurance options for corporations, professional firms, and financial institutions across the US. Our approach to doing business is based on collaboration, responsiveness, and commitment. Together with our business partners, we pursue better ways of doing things and designing more effective solutions to respond to the needs of our customers.
Investments in underwriting and risk management technology ‘paying off’
“At some point this year, I think we may hit an inflection point where those softening conditions may turn into a flat market or even a slightly increasing market in terms of rates”
John Farley, Gallagher
More than ever, the insurance industry is equipped to provide crucial risk prediction and prevention advice using advanced AI and machine learning technologies.
For Phillips, these improved capabilities offer carriers and brokers a real opportunity to be proactive business partners with clients.
The shift to a proactive cyber insurance approach
Though insureds have made significant progress in bolstering their cyber defenses, experts at the virtual roundtable agreed that the industry could ill afford to rest on its laurels.
Ingerslev highlighted the need for carriers to stay vigilant and agile in detecting vulnerabilities, especially with the increasing speed and scalability of cyber threats.
“Cyber risk continues to evolve, so we have to be on our toes,” Ingerslev said. “For us, it’s [about] continuing to perfect the monitoring and alerting piece. Threat actors are getting very fast with automation tools, which means we have to be faster.”
Cyber risk mitigation must evolve with threats
“There have been a lot of investments in digitizing the application and scanning processes… Over the next couple of years, you’ll see a lot of the fruits of that labor changing the underwriting process”
Shiraz Saeed,
Arch Insurance
When it comes to risk mitigation, Ingerslev emphasized the importance of simple yet effective measures like multi-factor authentication, noting that half of cyber attacks result from the absence of such basic security protocols.
Meanwhile, Farley stressed the need for organizations to prioritize incident response planning, such as ransomware simulations, to meet regulatory requirements and effectively manage crises.
“Cyber insurers and brokers are moving to a more proactive model, combining comprehensive preventative services and risk management tools with the insurance product. There’s a real opportunity to be more proactive as a business partner to our clients”
Michael Phillips,
CFC
“You have more and more requirements to report incidents to regulatory bodies, and if you can’t meet those requirements, you’d be subject to fines and litigation and a whole host of reputational harm,” Farley cautioned organizations. “You need to practice the response before the crisis happens.”
At the same time, Anderson raised the persistent threat of social engineering and phishing attacks as the weakest link in cybersecurity. He called on organizations to implement ongoing employee training to mitigate human errors that often lead to breaches.
“I think the areas of focus that we should continue to push our clients to evolve and be aware of are social engineering and phishing training,” Anderson said. “People continue to click on things they should not be clicking.”
Phillips agreed that human error continues to be an overlooked weakness in cyber risk mitigation strategies. He urged organizations to go beyond reliance on technology solutions and take a human-centric approach to cybersecurity.
“I think many organizations know that they’ve got to make certain targeted cybersecurity spends, but my fear is that many of them look at their tech stack – the bells and whistles that they bought – and say, ‘Well, that’s done. I’ve solved that problem,’” said Phillips.
Cyber claims severity and frequency
CFC data, January – December 2023
Direct written premiums declined for the first time in 2023
Standalone cyber coverage direct loss & DCC ratios
Source: S&P Global Market Intelligence
statutory cybersecurity and identity theft insurance coverage supplement data
Direct written premiums (RHS)
80
70
60
50
40
30
20
10
0
2015
2016
2017
2018
2019
2020
2021
2022
2023
6,000
5,250
4,500
3,750
3,000
2,250
1,500
750
0
Michael Phillips
CFC
Michael Phillips is cyber practice leader, USA at CFC, the specialist insurance provider, pioneer in emerging risk, and market leader in cyber. Phillips also serves as co-chair of the ransomware task force convened by the Institute for Security & Technology. An experienced lawyer and underwriter focused on cyber risk, his tech and legal writing has been published by The New Yorker, BuzzFeed, and Bloomberg.
CFC
Michael Phillips
