The original insurance buyer wanted a simple solution to a complex problem: the result is the current All Risk Cyber (ARC) product which supports 1) First Party (Shortish) perils, 2) Third Party (Longish) liabilities, as well as relatively recently identified 3) Catastrophe or Systemic severity exposure. These three elements challenge an industry that was designed to fit products into simple categories. Lockton Re’s Cyber Centre (LCC) contends that the problem is not the insurance industry’s lack of adoption to the ARC product, but that ARC, at least from a reinsurance perspective, is not the optimal solution currently and into the future.
The ARC problem limits the supply of capital and the insurance industry’s ability to scale cyber insurance in a sustainable way. Currently, original buyers of the cyber insurance product feel limited in the scope and scale of market where buying is usually straightforward: protect assets from damage (whether tangible or intangible) or defend against liability in exchange for a premium. In mature classes of commercial insurance where First and Third Party risks are broadly separated, billions of dollars of capacity are available to support demand. Within cyber, these two elements create an original sin by commingling protection types for largely a single cost. Our contention is that splitting out the perils into their constituent parts will enable more effective risk transfer to reinsurers, and further down the value chain (retro/ILS) capacity in a more targeted and scalable fashion.