CrowdStrike shows specialised knowledge essential for cyber cat bond investing: Twelve Capital

The recent CrowdStrike related global IT outage event has shown that it is essential to have specialised knowledge about cyber risks in order to effectively invest in cyber catastrophe bonds, insurance-linked securities (ILS) and reinsurance focused asset manager Twelve Capital has said.

Twelve Capital highlights that cyber cat bonds remain a very small piece of the market at this time, contributing less than 2% to the outstanding market and at this time is not a component of the reference Swiss Re cat bond index.

But interest in cyber cat bonds and ILS arrangements has been high, as the cyber market looks to new sources of reinsurance capacity.

The result was the issuance of a number of cyber catastrophe bonds over the last year, currently making up around $589 million or 1.2% of the outstanding market, by Artemis’ measure.

But the understanding of cyber risk in the ILS market remains at a nascent stage and for an industry far more familiar with natural catastrophe and severe weather perils, there is a lot to get up to speed on, as the recent CrowdStrike incident has clearly highlighted.

Twelve Capital explains, “Cyber Cat Bonds are designed to cover losses arising from a variety of events, such as business interruption, ransomware, or malicious activities like malware or phishing. While cyber policies are becoming more standardised, they still tend to vary significantly.

“This variability, combined with the potential ramifications of a single point of failure in widely used technologies and applications, can make the assessment of risk and aggregation challenging, although we expect progresses to be made as the market matures.”

On CrowdStrike specifically, the ILS investment manager said, “Although this incident alone is unlikely to trigger losses for cyber Cat Bonds, and significant price movements have not been observed so far, the attention it has drawn highlights the fact that many Cat Bond and other investors may still lack a clear understanding of cyber risks, triggers and potential losses.”

As we wrote right after the global IT outage, the CrowdStrike incident did not move cyber cat bond secondary market prices, but it did raise questions about cyber loss accumulation and aggregation risks, and highlighted some uncertainties over exactly what cyber cat bonds cover.

Twelve Capital went on to say, on cyber cat bond investing, that, “Specialised knowledge in the space is essential.”

Further stating that, “For these reasons, Twelve Capital maintains a cautious approach towards these bonds.”

The market remains bullish on the potential for growth in the cyber catastrophe bond segment and we understand there are expected to be more issues and sponsors of them in time, as the capital markets appetite for them solidifies.

We expect the experience from CrowdStrike will help to inform what investors want to see from those sponsors of cyber cat bonds and so the disclosures provided, as well perhaps as coverage sought, could adjust to support a more robust view of the underlying risks and deliver a greater understanding of aggregation potential in these structures over time.

Like any emerging segment of ILS there will always be a period of getting up to speed, which makes the continued education of ILS investors and portfolio managers critical and it’s good to see this continuing.