CYBER UNDERWRITING ISSUES FOR GERMAN INSURERReinsurance & Insurance
The Gothaer Group is one of Germany’s largest insurers, providing products and services to private individuals and corporate customers. Gothaer insures wind power plants all over the world over and has became a market leader in this insurance segment. It has evolved over the past 200 years and consolidated a number of brands under the parent Gothaer brand, as well as relocating various HQ’s to the central Cologne site.
CLIENT: Gothaer Group, Cologne, Germany
INDUSTRY: Insurance & Asset Management
SERVICES: Developing software and systems to facilitate cyber insurance underwriting
At the time, Gothaer had a reinsurance division (subsequently placed into runoff, with the residual book being acquired by AXA) that was used by various lines of business, including for corporate cover.
There was an increasing need for cyber insurance cover by their larger corporate clients, as well as from small to medium sized entities. Cover was being provided using the general insurance pool, with cyber included within the total limits set.
The risk of using the general pool for cyber lies in the extent and breadth of impact a cyber attack can have. In the case of major successful attack, the limits set for a client’s coverage could be reached without full cover being supplied, leaving clients with massive shortfalls in risk transfer capability through their insurance schemes.
Gothaer tried to provide more extensive cover by trying to develop a separate cyber line of products. They started to learn how to underwrite and understand the actual risk exposure and developed a partnership with Germ I.T. security firm, Secunet as part of the underwriting process through assessing a client’s network and I.T. security and playing a role in loss adjustment in cases of claim by checking appropriate controls had been applied.
The issue remained, however, that to provide the level of cover a larger client may need, Gothaer lacked the ability to understand the losses that could be incurred in order to price and transfer risk to the wider markets.
We studied the issue of how to quantify, in financial terms, the risk exposure that results from a successful cyber attack. With the range of potential damage we consulted within and external to the insurance/reinsurance markets, drawing from award winning actuarial consultancies, the FBI, CERT and military simulation companies.
Our software products evolved with ongoing experience and insights gained from field trials of the solutions as they were iteratively developed. We needed to provide Gothaer with a competitive advantage in having the capability to underwrite higher limits for their clients, without competitors simply copying them.
We therefore created patented technologies to confer this advantage on Gothaer in developing the German cyber insurance market for larger corporate clients.
With the termination of Gothaer Re, ultimately, the intended use was closed off and Secunet has emerged into a listed company, running systems for the German Federal Government and we have continued developing our solutions and intellectual property globally.
✔ 200 years insurance experience in 2020
✔ S&P Rating September 2019 A-/Positive/