Cyberrisk will make its way to the insurance-linked securities market "sooner than later," according to Paul Schultz, CEO of broking group Aon PLC's investment banking division, Aon Securities.
A number of hurdles exist to the transfer of cyberrisk to the insurance-linked securities, or ILS, market, such as the relative lack of sophistication of cyberrisk models and the potential for cyber losses to be correlated with other risks in investors' portfolios. But speaking to S&P Global Market Intelligence at the reinsurance Rendez-vous in Monte Carlo, Schultz said: "I think we're closer."
He suggested that the development of cyber ILS could be similar to how property catastrophe ILS, which form the bulk of the market, evolved. In the early days of ILS, the bonds' payouts were triggered by factors such as the magnitude of the event, or an industry loss index, rather than the actual claims experience of the company protected by the bond. Schultz said that now, around 70% of property ILS are triggered by client claims experience.
Cyber ILS "may not cover everything initially," he said. "We'll find a place in the market where there is a client need and not enough supply of capacity, and we'll use that to learn and to grow and let the models catch up with everything."
Although cyberrisk models have been described as lacking, Schultz said risk modeling firms "have made good progress" and said Aon used a few of the modeling companies to evaluate cyberrisk.
Nevertheless, it seems there is more talk than action on cyber ILS. Jin Shah, managing director for capital markets at risk modeling firm RMS, said in an interview at Monte Carlo that the company has "supported many conversations around" cyber ILS and industry loss warranties, "but it has never got past the preliminary stages."
Cory Anger, global head of ILS structuring at reinsurance broker Guy Carpenter's GC Securities division, agreed.
"We have had a lot of conversations about it, but not yet been able to find the right situation where all of the metrics between coverage, pricing etc. have matched [with] what the ILS community can provide right now," she said in an interview.
But while noting that bringing cyberrisk to the ILS market is challenging, Anger said: "We remain hopeful." She added, "I think the level of focus over the last 12 to 18 months on cyber is the most I've seen on the topic, so clearly it is an area where people would like to see solutions beginning to develop."
Shah at RMS said he had seen at least one ILS manager hire cyber-dedicated staff, "so there certainly is an appetite to source those types of risks from the ILS manager perspective."
He also pointed out that some of the pieces are in place to enable cyber ILS. Referring to loss data firm Property Claim Services' cyber industry loss index, he said: "That, combined with a stochastic model, give you the ingredients you need for a cat bond risk transfer."
Anger said the efforts in the insurance industry to convert silent, or nonaffirmative, cyber risk to affirmative "are all great steps to helping the ILS community come in." Nonaffirmative cyberrisk arises when a policy neither explicitly includes or excludes coverage for cyber events.
While the mainstay of the ILS market will remain property risk, Aon's Schultz thinks that life business could become "a bigger component" of the ILS industry. He said: "When you think about mortality risk, which I think is probably the largest risk in the marketplace, it is logical that we start to see more life deals."
But he added that this was probably not imminent, and may emerge in the medium term.