“the cyber insurance market may not exist next year”



Oliver Wild (Chairman, AMRAE): “The cyber-insurance market may not exist next year”
Oliver Wild, president of AMRAE, held a press conference to present the next Meetings.

AMRAE presented the program of its next Risk Management Meetings, from February 2 to 4, 2022 in Deauville. Oliver Wild, president of the association, took the opportunity to take stock of the market. The desire for optimism and a positive vision sometimes comes up against catastrophic realities, as in the cyber-insurance market.

Advertising“We will be pleased to return to our usual exchanges”, rejoiced Oliver Wild, president of AMRAE (Association pour le Management des Risques et des Assurances de l’Entreprise), the professional association of risk managers, presenting the next Risk Management Meetings, the 29th edition of this flagship event of the risk management and insurance ecosystem. This edition will take place from February 2 to 4, 2022 in Deauville after a hybrid 2021 edition in small groups in Paris and remotely. The press conference, beyond the presentation of the event itself, made it possible to take stock of the situation, in particular the difficulties encountered with insurers, in particular for cyber-insurance contracts.

“The risk manager is not there to block everything but on the contrary to make everything possible” (Oliver Wild, President of AMRAE)

Oliver Wild wanted to be reassuring about the event itself. The usual 2500 registered are there, all the partners too. The CID (Centre International de Deauville), where the event takes place, is large enough and high enough to secure everyone’s participation, given that all the classic health instructions will be respected (sanitary pass, tests, seated meals instead of standing cocktails, etc.). The theme is also intended to be turned towards the future. “The theme is not the Covid but the world after” noted Oliver Wild. More specifically, it will be “Let’s take the risk of a new impetus”. The round tables, the thirty or so workshops and the keynote speakers (in particular former Prime Minister Edouard Philippe and Sophie Nerbonne, deputy director of legal and international affairs and expertise at the CNIL) will thus endeavor to decipher the issues climatic, social, geopolitical, economic, etc. for all actors, State, companies and citizens. As Oliver Wild reminded us: “the risk manager is not there to block everything but on the contrary to make everything possible” by anticipating risks so that organizations can act knowingly, with the necessary precautions to be resilient. .

Resuming dialogue with insurers

Of the thirty or so workshops organised, the “Top 5” registrations concern climate risks, emerging risks, the subscription of insurance contracts, hydrogen and… reacting to a ransomware attack. The underwriting of insurance, in particular cyber-insurance, is obviously the hot topic of the moment. “Being positive for a new impetus”, “renewing the dialogue with the insurers”, “the Meetings are not a place of confrontation but of dialogue”… AMRAE’s good intentions are well underlined by Oliver Wild. But, yet, he can also only note that “the insurance market no longer meets the demand of companies which will have to find new models. »

AdvertisingRisk managers must therefore find new models. In particular, AMRAE wants to bring to the baptismal font a Federation of Insurance Captives. The principle of a captive is to create a mutual insurance company, regulated like a normal insurer, specific to a group, possibly on a global scale. Each group entity pays a premium to the captive as it would to an insurer outside the group. The captive is not intended to make a profit and any additional premiums therefore return to the group’s entities. An overvaluation of premiums or risks therefore has no lasting tax effect. The tool is also the subject of significant legislation that AMRAE hopes to see reduced, since a lot of reporting to the supervisory authorities makes little sense in the context of risk pooling within a single group.

Cyber ​​insurance stripped of its substance

The case of cyber-insurance is both the one that most interests CIOs and one of the most significant. The association has already had the opportunity to complain about the development of the market and, beforehand, to study it in detail. “We are down compared to five years ago when insurers were scrambling to sell,” denounced Oliver Wild. He could not hide that the risk managers feel they have been cheated by the insurers, some promising to be very virulent at the Meetings. Cyber-risks have been excluded from other contracts (where there were previously generic clauses covering them) since there were specific cyber-insurance contracts.

“But, today, the contracts are emptied of their substance… when they are always offered” was offended Oliver Wild. The market has turned. Prices are exploding. And the risks accepted by insurers are dwindling with countless exclusion clauses and colossal deductibles. More and more often, the offer of cyber insurance is no longer even offered. However, companies have built a strategy with, on the one hand, an investment policy on cybersecurity but also, on the other, a safety net, cyber-insurance. For Oliver Wild, “today, the net no longer exists”. He concludes: “the cyber-insurance market may no longer exist next year”. For the insurer, it is not even more a problem of price, which had however increased a lot, but of the ability to accept to cover a risk.

Risks and digital, an often common story

Beyond cyber-insurance, digital technology is definitely making its mark again this year at the Rencontres. During a Master Class on Wednesday February 2, the subject of the use of data in the service of risk management will thus be discussed at length. In addition, among the keynote speakers, Sophie Nerbonne, deputy director of legal, international affairs and expertise at the CNIL, will intervene to process personal data in risk management.

Two years ago, AMRAE was concerned about the consequences of confinement on cybersecurity. The telework decided in the emergency, the sudden adaptation, not to say sloppy, were risky in themselves. But what scared risk managers the most was the return of computers subject to uncontrolled risks to the corporate network when the lockdown ended. It would seem that, suitably anticipated, this return was subject to the appropriate measures (quarantine, etc.) and that no major incident was to be deplored.

Share this article

Leave a Comment

Your email address will not be published.

You may also like