Insurance-linked securities (ILS) are a key source of potential new cyber reinsurance capacity, and issuers should put aside concern over a "perceived correlation” between cyber events and stock market performance, Guy Carpenter says. 

A hurdle to attracting new cyber market capacity has been the belief that cyber risk correlates to financial market risk, yet the researchers say this “double whammy” scenario is not backed up by two decades of data. 

“Many ILS funds are reluctant to deploy capital in cyber transactions. Our analysis demonstrates the lack of statistical correlation between widespread cyber events and stock market performance,” North American Cyber Analytics Lead Jess Fung said. 

“Historical widespread cyber events, such as Microsoft Exchange, or those targeted at critical infrastructure such as the Colonial Pipeline, have had no lasting or significant impact on stock market performance.” 

Teams from Guy Carpenter and Marsh McLennan Cyber Risk Intelligence Center say their research debunks the idea that systemic cyber catastrophes result in a wide-ranging, indiscriminate stock market downturns. 

“We aim to help ILS investors and the broader insurance community improve their understanding of the cyber catastrophe landscape, so instead of viewing cyber risk with fear and uncertainty, the industry collectively will be more confident about deploying capital on cyber,” the report said. 

"Generally, markets have not seen or priced in long-term negative impacts in individual companies’ share prices or across industry verticals after cyber events due to sophisticated and fast remediation efforts and consequently the ability to 'bounce back’ to rectify specific issues limiting collateral damage.” 

The cyber market is “now looking” for a scalable, diversified capital base to unlock future growth, the report says, and ILS investors are “ideally suited to be key capital partners for cyber insurers, bringing new capital into the ecosystem”. 

The study analysed 14 major cyber events since 2001, evaluating mass breach or vulnerability events – including Solarwinds and NotPetya, mass service outages – including the 2011 Amazon Web Services and the 2016 Dyn DDoS attacks, critical infrastructure compromises – including Colonial Pipeline and Saudi Aramco, and financial market compromises – including 2010 Nasdaq breaches and the recent ION ransomware attack. 

None of the 14 events “led to meaningful rises or shifts,” and the market effect was “very similar to that of major hurricanes”. 

"This presents an opportunity for natural catastrophe ILS investors to diversify their existing portfolios further and ...  invest in a sophisticated and growing area of insurance risk.”