MODERATOR: Hello, and welcome back to the Insurance Marketplace Insights Series, where we discuss the current state of the market for cyber insurance buyers. We are delighted to be joined today by Glyn Thoms, Global FINEX Cyber Strategy Leader. Glyn, please provide your thoughts on the recent state of the global cyber market.
GLYN THOMS: The big takeaway for me was really market conditions. I think what we saw as we moved through 2024 was an increasingly competitive cyber insurance market across the globe. That took different forms in different markets. But on the board, we saw ourselves by the end of the year in a really competitive market. I know that created some challenges for insurers in terms of premium rates, but what it enabled us to do was really deliver some fantastic renewal results for clients. And I think secondly, bringing new buyers into the market, which is something we all want to achieve.
If I look globally across our portfolio in 2024, I think we did a fantastic job of utilizing the market conditions to drive new buyers into the market and grow the overall market. I think the other two points I'd mentioned was we saw our first big system failure outage with CrowdStrike in July. What was really reassuring for me from that was the way the insurance market responded. We didn't perhaps see the knee jerk reactions that we've seen with other events where there was a rush to slap on exclusions, underwriting questions, premium increases. And that, to me, was really reassuring because I think it shows that the market is maturing and getting more measured around some of these events.
The final thing I'd mention is claims acceptance rate, and I personally think this is something we don't shout about enough, as a market. I think we often get challenged with the question by clients, does cyber insurance pay claims? If I look across our portfolio, certainly from the data in 2024, claims acceptance rates were up at 95%-ish, some insurers are talking about 99%. I think as a market that should give us immense confidence in terms of what the product is doing, and certainly looking at it from a client perspective, if you're an existing buyer or a new buyer looking to purchase cyber insurance, it should give a lot of confidence that this is a class of insurance that responds.
Our expectation is the market is going to remain pretty competitive globally, at least until mid-year, when we may see some tailing off. But I think any sort of increases will be confined to more kind of risk-specific issues that clients may have, be that around claims activity, changing business activities, et cetera. There's obviously a lot that can influence that. I think claims activity is clearly a big one, not just in terms of new claims, but also what we found with cyber is there's quite a long tail on some of the existing claims, which can be four or five or six years.
Clearly, that can have an influence. And that's something where we can need to continue to work really closely with the market to keep clients informed. Regulatory issues is another one. We did a great piece of work with FIRRMA last year, looking at some of the regulatory complexities which now exist around cyber, not just in terms of data protection, but actually just overall cyber resilience. And I think that is starting to create an increasingly complex environment for clients. So we have to, again, keep working closely with the market to make sure we're keeping clients informed and looking at the insurance implications of that. And then the final one I've mentioned is new technologies. I don't think it would be a cyber presentation if we didn't mention AI.
There is obviously an AI bit of an arms race going on at the moment. Certainly, from our perspective, what we hear from clients is perhaps at the moment a lot of the focus is on the benefits of AI. How can it generate new business, generate efficiencies, perhaps less so on the risks so far? But that's something I think we need to stay really close on, and work with the market to make sure that we're keeping clients informed on the risks that we're seeing coming out of potential AI and new technologies. But secondly, that we're making sure the insurance products to continue to respond.
Looking ahead to 2025, the main focus is growing the overall market. I heard a great analogy the other day where someone talked about making the overall size of the cake bigger. So rather than taking this existing cake and keep slicing it up into smaller and smaller pieces, how are we going to make this overall cake bigger? And I think everyone is focused on that. And actually, I do feel we have a really great opportunity to change the dialogue on cyber insurance and be able to articulate the value a lot more clearly and actually bring the client a lot closer to everything we do.
Reflecting on some of the conversations I've had with clients and prospects already this year, there's a lot of talk around the need for simplification and a lot of talk around the need for relevance. So I think from a simplification perspective, a lot of clients and companies still see this as a complicated area, be that in terms of the underwriting process, the policy coverage, the claims handling process. And I think we have to continue to work really hard as a market to educate clients and manage that overall client experience.
The point around relevance, I think we've definitely moved to a stage where we have to accept cyber insurance in most cases is a non-compulsory line. The premium spend we're competing for is to go with other lines and lots of other things. So the need to be able to really demonstrate the relevance of the product to the specific exposures that the company have is more important than ever. That's what we're hearing. And I think that's, again, going to be critical that we're working with the insurance market closely to educate clients on those things.
But I think overall, if we can achieve that, I think we have a great opportunity to be able to demonstrate the value of cyber insurance to all stakeholders in the client, and, I think, hopefully, change that perception at the moment, that perhaps there's rather than there needing to be a choice between do we spend money on cyber risk management or cyber insurance. These things can be seen as working complementary and a bit more hand in glove.
MODERATOR: Glyn, thank you very much for your contribution on this episode of the marketplace insights podcast. We'll see you at the next one. Thank you very much.
NARRATOR: Thank you for joining this WTW podcast featuring our latest global market commentary. WTW offers insurance-related services through its appropriately licensed and authorized companies in each country in which WTW operates. For further authorization and regulatory details about our WTW legal entities operating in your country, please refer to our WTW website. It is a regulatory requirement for us to consider our local licensing requirements.
The information given in this podcast is believed to be accurate at the time of publication. This information may have subsequently changed or have been superseded and should not be relied upon to be accurate or suitable after this date. This podcast offers a general overview of its subject matter. It does not necessarily address every aspect of its subject or every product available in the market, and we disclaimer all liability to the fullest extent permitted by law.
It is not intended to be, and should not be, used to replace specific advice relating to individual situations, and we do not offer and this should not be seen as legal, accounting or tax advice. If you do intend to take any action or make any decision on the basis of the content of this podcast, you should first seek specific advice from an appropriate professional.
Some of the information in this podcast may be compiled from third party sources we consider to be reliable. However, we do not guarantee and are not responsible for the accuracy of such. The views expressed are not necessarily those of WTW. Copyright WTW 2025. All rights reserved.
