London cyber market sees inverted pricing amid rate slowdown
Insurance Insider is part of the Delinian Group, Delinian Limited, 4 Bouverie Street, London, EC4Y 8AX, Registered in England & Wales, Company number 00954730
Copyright © Delinian Limited and its affiliated companies 2023

Accessibility | Terms of Use | Privacy Policy | Modern Slavery Statement

London cyber market sees inverted pricing amid rate slowdown

London buildings cyber technology abstract.jpg

The slowdown of cyber rates seen in Q2 is expected to continue into the second half of 2022, as market appetite and supply-demand dynamics start to evolve following a period of extensive remediation, sources have told Insurance Insider.

Triple-digit rate increases had previously been seen as part of one of the most significant periods of rate hardening ever experienced by the cyber market following an abundance of costly ransomware claims.

Estimates vary for rate increases during Q2 of this year, but sources suggested the average rate rise at around 50%-60% for the period, although this was dependent on loss experience and industry vertical. Some sources stated that on some accounts, rate rises reached as much as 100%.

This movement on rates compares to the triple-digit rate hikes registered in Q1.

Howden’s latest cyber report highlighted that over the last two full quarters (Q4 2021 and Q1 2022), cyber pricing saw average annualised increases in excess of 120%.

howden global cyber pricing index june 6 2022.PNG

Sources suggested that the extent of rate rise by account depended on how much more the insured paid the previous year, with many insureds reaching the limit of what they were willing to spend on protection.

Insureds are managing their budget by buying lower limits, which is starting to alter the supply-demand dynamics in the market.

Sources said that more placements were now getting fully placed in domestic markets due to the lower limits required, and as a result less business was flowing to the London excess market. Business that does come to EC3 is more likely to be distressed and difficult to place.

This is most acute for US risks, but the same trend is also happening in other geographies such as Canada, sources said.

Market appetite for cyber risk is also changing as carriers get a better handle on their books. Previously, the first $50mn of any tower within the mid-market to large corporate space was extremely challenging to place, as carriers sought to lift themselves out of the layers most likely to be impacted by ransomware.

Now, a small handful of markets have shown willingness to write first excess layers up to that $50mn threshold, brokers said, but are demanding much higher rates to do so. Inverted towers in cyber – where the first excess is paying more than the primary – and bi-paring of lines are not uncommon. Brokers said they expected this inverted pricing to even out as the year went on.

Few speaking to Insurance Insider were willing to give exact predictions for rates in Q3, Q4 or beyond. One source estimated that rate increases will be at around 30% for Q3, but others disagreed without giving more concrete predictions.

“I think we've all gotten very tired of predicting and being wrong, so, I don't want to put any numbers on it,” one source said.

There was, however, some consensus that rate rises will trend gently downwards to a plateau, although the jury is still out on whether both the rate achieved and the remedial work will be enough to counter the attritional challenges from ransomware claims.

Sources indicated that there has been a decrease in ransomware attacks during the first half of this year, largely because of the war in Ukraine, although the market is aware that this could be a temporary reprieve. The much-expected increase in cyberattack activity due to the conflict has not yet materialised.

It is also hoped that the decrease in claims activity is also a result of a persistence from carriers that insureds must improve their cyber security defences, and better risk selection by carriers.

Supply and demand

Overall demand for the product is increasing, with costly ransomware attacks acting as a draw to other companies considering buying cyber insurance. However, price and value for money is even more of a challenge in rising market.

Cyber cover is a discretionary purchase and underwriters are aware that if rates keep rising substantially, insureds could choose to stop purchasing cover all together.

James Burns, head of cyber at CFC Underwriting, said: “There's a balance to be had here that we need to be very cognizant of. Achieving rate adequacy is critical to the sustainability of the market but so is a product that is affordable to policy holders. We need to get both of those things right”.

Another source said: “If you bought $100mn then you're buying $50mn, if you bought $200mn you may buy $100mn, you might have half the amount you buy because the costs have doubled.”

Sources also noted that for some companies to get the cyber cover they require, they are having to increase their self-insured retentions (SIR). One source suggested that they have seen SIRs doubling on average over the past 18 months.

If it gets to a point where it's untenable for insureds to continue purchasing the cover, then they're going to look at alternative ways of financing that risk

Overall, the amount of capacity available is still largely constrained, with some of the largest buyers still unable to secure the amount of limit they would like.

Line sizes on slips are still at a reduced level, with smaller carriers tending to offer a $5mn line and the biggest carriers $10mn.

Few London carriers other than the largest players in the class were writing new business up until recently, with most carriers still focusing on their renewal books.

However there have been some notable instances of carriers setting up new cyber offerings of late, which is set to bring some additional capacity to London.

This publication recently revealed that Starr was in the process of launching its UK-based cyber offering and has hired Markel’s International’s Fred Pugh, while last year ERS-owned IQUW appointed Andrew Lewis from Hiscox to lead its growing cyber team.

However, it has been noted that these carriers will likely be cautious with their cyber underwriting to begin with as they will want to gradually grow their books without being hit with large cyber claims.

It will therefore likely be a few years before they begin to make a notable increase on overall cyber capacity within the London market.


The biggest question facing the cyber market is whether the work to remediate the book and increase rates has been enough to bring it back to profitability. And here, source opinions varied.

“It's hard to tell, at the end of the day, claims results take two to three years to finalise,” one source said.

“So, you tend to have to wait at least two or three years before you can really say if an underwriting year was profitable…we won’t really know with really good evidence until 2023-24.”

One of the biggest strains on market profitability over the past few years has been ransomware claims, with sources noting that the market is still seeing a large number of claims but to a lesser extent than seen in previous years.

Sources have noted that ransomware attacks are currently down but noted that it is difficult to state whether attritional loss ratios are falling due to action being taken to reduce ransomware attacks or if it is largely as a result of the war in Ukraine.

rampant but relenting ransomware june 6 2022.PNG

“There's logical reasons to believe that it's connected to the Russia/Ukraine situation and the impact that had on ransomware gangs operating out of our region.

“But at this stage it's difficult to project whether or not that level of frequency is going to either return to where it was or potentially supersede it,” one source said.

Sources also noted that companies have been improving their own cyber defences, which is helping to reduce the number of claims coming to the market.

“It does look like they are being better controlled due to the security requirements that we now put on insured if they want insurance,” the source added.