We’re fans of research from RPS/Risk Placement Services, the brokerage and MGA. Early this year, the firm predicted a correction in cyber pricing driven by factors such as increased fraud perpetrated by AI. But in its 2024 Q3 Cyber Market Update, RPS concedes the “market hardening” and price increases have not yet occurred.
“Since the beginning of the year, we’ve made several predictions about the future of the cyber insurance market. Those that have come to fruition include market consolidation (some have exited, and insurtechs have partnered with traditional insurers); the continuation of large-scale data breaches; the expansion of artificial intelligence (AI) in political interference; and the ever-expanding threat of systemic events moving horizontally through specific industry sectors, and the public at large.
What we haven’t correctly predicted is the timing of market pricing adjustments in response to events like these.”
Why have price increases lagged despite the onslaught of attacks? RPS says one factor is that some attacks and failures (ie, CrowdStrike’s debacle with Windows and the massive disruptions it caused) are so pervasive and distributed, their impact on individual companies takes longer to realize, creating an over-hang of potential losses. “A key differentiator in today’s loss environment versus the past is the longer tail on loss development, due to massive third-party events whose final outcomes have yet to be determined,” says the report.
The new report is well worth the read for its pricing case studies and updates on trends from ransomware to fund transfer schemes (or “fraudulent instruction” scams), with a new horror story about a complex scam involving the latter. We also give RPS kudos for its frank update to earlier projections. Read the report’s findings here.
