Cyber market faces demand problem, needs pre-emptive approach – Intangic founder and CEO

The cyber insurance market faces significant challenges that underwriters are failing to address, creating demand for a different approach to the risks involved, according to Ryan Dodd, founder and CEO of Intangic.

The cyber market has been soft or at best flat at present, he noted, despite business interruption events, the CrowdStrike outage, “record setting losses and increasing frequencies of ransomware”.

Customers are most concerned by high frequency cyber losses that are taking place, rather than cyber catastrophe risk, he suggested – the nickels and dimes – that, when taken together, represent a growing cost and resources drain on commercial organisations.

Part of the problem is a lack of demand for the cyber product, he suggested.

“There’s a lot of hand wringing in the cyber insurance and reinsurance market about catastrophic risk, but the reality is, there’s just not enough insurance being sold,” Ryan (pictured) said.

Dodd was speaking with GR at the Rendez-Vous de Septembre (RVS 2024) in Monte Carlo.

“Typical insurance is underpriced,” he warned. “The frequency of events is significantly greater than the current price would suggest. So that’s the first problem. The second problem is that if you look at the market dynamics, quite simply, on any metric you look at, not enough insurance being sold.”

The recent CrowdStrike outage caught many large firms, reliant on cloud services, off-guard, he suggested.

“CrowdStrike is shedding light on the enormous levels of risk that companies are inadvertently retaining, right? Speaking with large companies, they didn’t really take into account the level of risk they are retaining,” said Dodd.

“The downside risk to digital transformation is BI and being open to cyber-attacks. Compared to something like fire insurance, cyber is three times or five times more likely to happen, and it’s about 100 times more costly than the average event. And yet the fire insurance market is about $80bn in premium, and the cyber at best is $15bn, despite more frequent and costly events,” he added.

Monitoring attackers

Dodd described his managing general agent (MGA), which is backed with capacity from insurer AXA XL,”primarily as a data science platform” working with large organisations on how to best approach their primary and excess cyber insurance strategy.

“My view is that the reinsurance market, as well as the primary market, is not going to experience any major changes until there is a product suite that is more fit for purpose to the customer, and that does not necessarily involve more traditional insurance,” Dodd said.

He said his MGA believes in first breaking down the problem into different pieces to find solutions.

“The way to grow the reinsurance market is cyber is not to expect that there is going to be provide more capacity, like, it’s just not going to magically happen. There needs to be a ton more work done that breaks down cyber risk into multiple problems.”

This starts with a pre-emptive element that can provide firms with the intelligence to prepare for and perhaps stop an attack happening before it can take place, he suggested.

“What can we see that the customer can’t? Because in the large company arena, we have to be able to provide a company with a solution or risk tool that they don’t already have, and when you’re talking to FTSE-100 firms, they’ve usually got every tool,” Dodd said.

“We believe that there’s not enough emphasis at all on the actual peril, which is human beings attacking you. What we bring that no one else brings is we’re going to give you a view of what the attacker is doing, at a scale that you can’t currently see,” he continued.

This, in Intangic’s case, is the data science and ‘secret sauce’ intelligence behind the MGA.

Understandably, Dodd was reluctant to give details of this away to passing journalists at RVS 2024, but he revealed it involves “monitoring the way attackers communicate”.

“We’re giving the customer a unique view, and we can provide that data to an underwriting team as well,” he added.