Cyber Insurance is Hard to Place Because of Lack of Stability


An over-all 680 breach reports were submitted to the Office of the Privacy Commissioner of Canada when Canadians firms were subject to obligatory breach reporting regulations under the Personal Information Protection and Electronic Documents Act (PIPEDA). This was six times the volume that OPC received in the same period the year prior, and this depicts the real challenges Canadian businesses undergo in the cyber world.

As per the 680 data breach reports, over 28 million Canadians were affected by data breaches. So, we know that the cyber insurance market in Canada is flourishing. Multiple well-established insurance players surround firms in the market offering solutions such as Chubb, CNA, and AIG for domestic capacity, Beazley, and CFC out of London. Regardless of high-profile and highly publicized cyber events, remains plenty of insurance volume in the market.

Jacqueline Detablan, vice president, specialty, at CNA Insurance, says, “A tower for most large accounts can be built quite readily up to $300 million. The appetite for the primary, middle-market business depends on the industry, the risk management controls, and the loss history.”

Nevertheless, like every new market, cyber insurance comes with its set of challenges. There was a lack of constancy among markets around terms and conditions, policy pricing, due to the lack of historical data for actuarial scrutiny, over the last few years.

Detablan says, “Some markets are needing to adjust their portfolios. Rates depend greatly on the risk at hand and developments to cyber concerns in a specific industry. Large complex programs are seeing modest rate increases, whereas a standard middle market account can generally expect a flat renewal. This does, however, depend on the terms which have been presented.”

Cyber insurance is hard to place because there is a lack of normalization in terms of coverage, backing criteria, and pricing. This is what the broker contingency has been arguing for some time in Canada.

Greg Markell, president, and CEO of Ridge Canada Cyber Solutions commented: “There’s an opportunity to create consistency around the intent of what it is we’re trying to cover. One of the really good signs we’re seeing is that broker partners are investing in this. There’s more research being done, and there’s more time being spent on the dissection of the cyber insurance product.”

There is ample room for learning and development in the Canadian market, which should bring some more standardization.