Cyber

The issue

Cyber attacks are growing in size, frequency and sophistication, and have been exacerbated by the effects of the COVID-19 pandemic. The increase in remote working via less secure private networks has made people and organisations more vulnerable to opportunistic attacks. Cyber risks are by now ubiquitous and affect almost all areas of our lives and working environments.

The risk

Businesses, individuals and all kinds of organisations face cyber risks in a number of ways, from classical data privacy breaches to the interruption of operations or extortion. A cyber attack on critical infrastructure, for example, could pose a serious threat to society.

Cyber insurance has a significant potential for risk accumulation and its impact could spread across an insurer’s portfolio. It is also important for insurers to be aware of issues such as “silent-cyber”, where cyber risks may be covered in insurance policies without specific wordings to that effect.

The opportunity

Premiums for cyber insurance increased from USD 5.5 billion in 2020 to USD 8 billion in 2021 and continue to grow at a fast pace.

As cyber exposure evolves, Swiss Re continuously increases its risk knowledge and data capabilities in order to better understand and model the risks. This helps us to develop the best insurance and reinsurance products for our clients.

Managing cyber risks

As cyber threats are unlikely to abate in the foreseeable future, organisations must allocate sufficient resources to training their people and enhancing cyber security processes, policies and technology. Furthermore, governments and regulators need to set up the right framework for economies and societies to become more resilient against cyber threats.


Insurers can support policyholders with tailored risk management services and by encouraging good risk management practices.


Swiss Re is able to respond quickly to developments in the cyber insurance space, for example, by adjusting underwriting guidelines or costing parameters to account for changes in the risk landscape.


Given the importance of this risk class, Swiss Re has a dedicated Cyber Centre of Competence responsible for modelling and overseeing cyber risks.


The centre’s team uses two types of risk models: Probabilistic models determine the expected frequencies with which certain levels of loss might hit our portfolio. Deterministic tools, our second approach, are scenario-based, assessing the potential impact of single large events, such as major cyber attacks threatening society at large.


This team is Swiss Re’s guardian for underwriting cyber risks, overseeing steering capacity, costing, governing certain exclusions and ensuring a thorough understanding of accumulation in the portfolio. They also identify and ring-fence “silent cyber” risks, ensuring that cyber-induced losses in the traditional lines of business are kept under control.


To further ensure a solid data-led underwriting, the Cyber Centre of Competence is developing the “Cyber Data Ocean”, a proprietary repository for information on cyber incidents, risk drivers and cyber threat intelligence.

Learn more about Swiss Re’s market context

Climate change
Health
Social inflation
Our strategy in action
Discover how Swiss Re advanced its business in 2021 by focusing on three strategic pillars: risk transfer, risk insights and risk partnerships.

Risk Transfer