Building Resilience in a Buyer-Friendly Cyber and E&O Market

Building Resilience in a Buyer-Friendly Cyber and E&O Market
Cyber Resilience

01 of 11

This insight is part 01 of 11 in this Collection.

October 17, 2024 9 mins

Building Resilience in a Buyer-Friendly Cyber and E&O Market

Building Resilience in a Buyer-Friendly Cyber/E&O Market

Competition and capacity are dominating the cyber liability market and pricing remains favorable as a result. Taking advantage of the current buyer’s market to build sustained cyber resilience is the key to success.

Key Takeaways
  1. The primary and excess layers in the cyber and E&O market remain competitive with many flexible options available.
  2. While a soft market is expected to last at least through 2024 and into 2025, several factors could firm pricing in the coming months.
  3. As cyber risks continue to evolve, companies need actionable insights and solutions to strengthen their risk strategies.

While the global cyber threat environment remains volatile, the cyber liability and errors and omissions (E&O) insurance market continues its nearly two-year favorable buyer’s market streak. Competition and capacity remain strong as carriers look to grow their cyber books. However, signs of pricing moderation are appearing on the horizon.

Therefore, buyers should take advantage of the current market. We recommend using saved capital to remain proactive and strengthen your organization’s cyber resilience — and expand your cyber liability and E&O insurance program limits now to prepare for the future.

Q1 2024 Cyber Analytics: Global Cyber Loss Trends

U.S. Remains Top Threat Actor Target:

The U.S. has historically been the top-targeted country globally for ransomware attacks and top target by number of access claims, followed by France, India, Germany and Brazil, according to Aon data. Access claims are instances where threat actors gain network access and, rather than execute an attack, sell the information to ransomware groups, which then initiate the attack. This makes attacks easier and more efficient for the ransomware groups.

Top Countries of Target Victims by Number of Access Claims
Building Resilience content 1
Consumer & Industrial Products Top-Targeted Industry:

The consumer & industrial products sector remains the most targeted industry by ransomware threat actors, as compared to manufacturing and professional services and consulting, according to Aon data.

Data Breach and Ransomware Trends:

Ransomware claims continued to climb, with a 106.4 percent increase in Q1 2024 vs. 65.3 percent in Q1 2023. The frequency of non-ransomware events (privacy and data breach, fraud and social engineering, and lost, missing or stolen data) all declined over the same period, according to Aon data.

Cyber Claims Trends | Q1 2022-Q1 2024
Building Resilience content 2

Pricing in NA and EMEA Remains Competitive

According to Aon data, average North America cyber premiums in the primary market have decreased 8 percent in H1 2024, compared to a 22-percent decline in H1 2023. Cyber and E&O quarterly pricing decreased 5 percent in Q2 2024 versus and 18 percent decline in Q2 2023. EMEA primary pricing has decreased 7.2 percent over the same period.

Cyber and E&O layers remain competitive as well. Premiums declined 8 percent in Q2 2024 compared to a 15 percent decline in Q2 2023. Pricing into 2025 will depend on the frequency and severity of occurrences in 2024. If severity of losses is significant, pricing could harden earlier in 2025. On the contrary, soft pricing could prevail through the balance of 2025 if losses are less substantial.

Cyber Premium Changes by Quarter | 2020-2024
Building Resilience content 3
E&O and Cyber Quarterly Pricing Primary & 1st Excess
Building Resilience content 4

8%

Average primary market premium decrease in H1 2024

Source: Aon data

“We’re in a competitive environment through the end of the year and into 2025,” says Greg Sparacio, U.S. middle leader in Aon’s Cyber Solutions practice. “A lot will depend on the claims that were submitted for systemic events that occurred over 2024, including healthcare events, CDK and CrowdStrike.”

  • North America:

    Buyer-friendly market conditions continue, characterized by healthy competition, abundant capacity and incumbent insurers seeking to retain renewals and potentially expand their participation.

    Risk differentiation is important to insurers, and they have priced it accordingly. Insurers continued to seek underwriting data and best-in-class network security controls, but underwriters have shifted to also focus on understanding and ensuring best-in-class privacy controls and policies.

    “Given the amount of competition in the U.S., especially with larger programs in the high excess space and middle market segment, we are seeing pressure from underwriters who need to grow their books,” says Matt Chmel, chief broking officer for Aon’s Cyber Solutions practice in North America. “That’s a dynamic that is pushing against some of the current claim trends.”

    U.S. loss ratios, as reported to the National Association of Insurance Commissioners (NAIC), have decreased three points to 42 percent in 2023, reflecting stronger controls and increased retentions. At the same time, cyber premiums decreased less than one percent. The key is insurer profitability; insurer combined ratios on average stood at a robust 73 percent, as reported to the NAIC.1

    Canadian insurers are also in growth mode, creating a competitive market with decreased rates from 10 percent to as high as 50 percent in some cases.

    “There is ample capacity across most industry sectors. We can generate traction in multiple offers across most risks, even for clients who don’t have best-in-class controls,” says Katie Andruchow, Aon’s cyber broking practice leader in Canada. “This is not only generating premium movement, but also creativity around insurance coverages.”

  • Europe, Middle East and Africa:

    As in North America, Q3 2024 is expected to yield further buyer-friendly market results, with a majority of savings coming from the high excess layers and increased primary competition.

    As pricing continues to soften, more insureds have opted to purchase additional limits, using data and analytics to support their decisions. Risk differentiation will also remain important to insurers.

    “There are a number of new insurers coming into the market, which gives clients more options and flexibility,” says Søren Stryger, chief cyber broking officer for Aon in EMEA. “From an underwriting perspective, we are still seeing the same level of risk information being required by insurers. However, for renewals and long-term clients, options are much more favorable.”

Quote icon

There are a number of new insurers coming into the market, which gives clients more options and flexibility.

Søren Stryger
Chief Broking Officer, Cyber Solutions, EMEA

On the Horizon: Key Trends Shaping the Cyber Insurance Market

While competitive pricing currently exists for cyber and E&O insurance, the potential for a market change could largely depend on these areas:

  • The cyber threat environment:

    This remains volatile. In fact, the level of threats and attacks is expected to increase in the coming years, with ransomware events on the rise. In addition, human error will continue to be a prevalent issue for organizations.

  • Systemic risk for insurers:

    Insurers continue to evaluate, scrutinize and restrict coverage offered for critical infrastructure, systemic and correlated events and war. This includes the review of exclusionary language related to war, cyber terrorism and state-backed attacks. Systemic risk includes supply chain attacks, with the potential of one vendor experiencing a security or system failure, triggering policies for many organizations and leading to aggregation issues.

  • Incident notification frequency is up:

    This was heightened during the CrowdStrike outage in July 2024. The correlation between frequency and loss incurred, however, is declining as companies exhibit more mature business resilience models and business continuity strategies, which are being viewed favorably by the cyber insurance industry.

  • Unknown global loss impacts:

    The CrowdStrike outage global loss impacts are still unknown, but the outage is expected to affect business interruption (BI) coverages, including system failure and the dependent BI insuring agreements. In the short term, cyber insurers will likely increase the number of questions asked around the use of cyber security platforms such as CrowdStrike.

  • Increasing use of artificial intelligence (AI):

    The era of AI presents its own unique set of challenges for chief information security officers and chief information officers. AI not only has the potential to enhance efficiencies and drive innovation, but also introduces new threats and security risk considerations as cyber criminals use AI to automate and scale attacks.

5 Steps to Help Build Sustained Cyber Resilience

Increased underwriting rigor in the cyber and E&O insurance market in 2021 to 2022 drove greater scrutiny of security controls, rigid guidelines and reevaluation of risk. This helped businesses build significant risk profile improvements, which have combined with higher retentions to fuel the soft market. Retention increases fluctuated between five to seven percent in Q2 2024.

Cyber attacks and data breaches, however, remain the highest concern among business leaders as a result, according to Aon’s Global Risk Management Survey.

As cyber risks continue to evolve, companies need actionable insights and solutions to strengthen their cyber risk strategies and build sustained cyber resilience.

“Exposures will change all the time. You may have improved your cyber security, but it is important to use some of the premium savings to reinvest for the long term and build sustainable cyber resilience,” says Pablo Constenla, head of cyber coverage and claims for Aon’s EMEA region. “This is an opportunity to think ahead to make sure you work with the right partners, coverages and policy wording.”

The global CrowdStrike outage was a non-malicious cyber incident, yet it provided businesses with a wake-up call to review their cyber resilience and better prepare for when more significant events strike.

CrowdStrike provided a variety of valuable lessons-learned for businesses of all sizes. These five strategies can help build sustained cyber resilience in your business:

  1. Put your incident response plans to the test.
  2. Consider legal implications and consequences.
  3. Understand your cyber coverage and claims.
  4. Define your claims and gather evidence.
  5. Strengthen your business resilience in response to the incident.

Learn more about how to take a holistic approach to building sustained cyber resilience.

Aon’s Thought Leaders
  • Katie Andruchow
    Cyber Broking Practice Leader, Canada
  • Matt Chmel
    Chief Broking Officer, Cyber Solutions, North America
  • Pablo Constenla
    Head of Cyber Coverage & Claims, Cyber Solutions, EMEA
  • Karrieann Couture
    Cyber and Professional Liability Claims Leader, North America
  • Søren Stryger
    Chief Broking Officer, Cyber Solutions, EMEA
  • Greg Sparacio
    National Middle Market Leader, Cyber Solutions, Broking, U.S.

General Disclaimer

The information contained in this document is solely for information purposes, for general guidance only and is not intended to address the circumstances of any particular individual or entity. Although Aon endeavors to provide accurate and timely information and uses sources that it considers reliable, the firm does not warrant, represent or guarantee the accuracy, adequacy, completeness or fitness for any purpose of any content of this document and can accept no liability for any loss incurred in any way by any person who may rely on it. There can be no guarantee that the information contained in this document will remain accurate as on the date it is received or that it will continue to be accurate in the future. No individual or entity should make decisions or act based solely on the information contained herein without appropriate professional advice and targeted research.

Terms of Use

The contents herein may not be reproduced, reused, reprinted or redistributed without the expressed written consent of Aon, unless otherwise authorized by Aon. To use information contained herein, please write to our team.

More Like This

View All
Subscribe CTA Banner