Cyber risk capital for renewable energy assets is at a critically low level, but the insurance-linked securities (ILS) community could bridge the gap, expanding risk capital and the scope of both traditional indemnity and parametric cyber products
If global ambitions to reach Net Zero carbon emissions by 2050 are to become a reality, countries need to not only reduce their dependence on fossil fuels but also significantly ramp up investment in renewable energy technology and infrastructure. McKinsey estimates that investment would reach about US$275 trillion by 2050, or US$9.2 trillion per year on average, an annual increase of US$3.5 trillion.
In 2022, the reality of achieving these ambitions come at a time when the fragility of the global economy has not only been exposed by the Covid-19 pandemic, but placed under additional strain with the advent of the Russia-Ukraine conflict, increasing inflation, cost of capital and a foreseeable downturn in the economy.
Against this uncertain backdrop, there are inter-dependent technical and risk capital themes which underpin the transition to Net Zero. Quite simply, Net Zero is dependent upon digital transformation, which in turn is dependent on cybersecurity and an abundant and reliable source of cyber risk capital - both of which are in critically short supply at present.
However, as the world becomes increasingly digital, moving inexorably towards cloud-based operations via devices, data and automation, as well as the disaggregation of processes and value chains, the risk profile of renewable asset portfolios that need vast capital investments are increasingly exposed to significant business interruption risks.
Plus, the insurance world finds it difficult to underwrite digital risks in that cloud-enabled world. How can they know enough about massively disaggregated value chains? How can they be confident that control frameworks are effectively deployed? How can they get close enough to the distributed processes to know the quality of risk? Consequently, they are not prepared to risk much capital on this risk category. Hence the enormous and growing risk capital gap.
Arguably the cyber reinsurance market has stalled, with a very high proportion of insurers ceding their cyber risk. If more retro capacity was available to reinsurers that proportion would likely be higher. But risk is concentrated here, and filling the gap to lubricate the cyber reinsurance market is a central driving opportunity for the growth of the cyber ILS class.
At DeNexus, we believe that this significant pent-up demand for cyber risk capital, particularly in the renewables space, can become a major opportunity for ILS managers and investors seeking to diversify their portfolios, provided they are armed with a trusted, evidence-based data-driven, second-generation cyber quantification platform such as our flagship product DeRISK, that includes both an inside-out and outside-in view of the risk, on a continuous and automated basis. DeRISK also creates a level playing field for all the stakeholders in the risk management and transfer value-chain, eliminating the actual asymmetry in the view and understanding of the risk.
DeNexus’s portfolio of clients in the renewables sector is set to provide real-time operational cyber data from inside more than 10% of North America’s renewables estate by capital expenditure – in excess of $300 billion capex and $20 billion in revenues - by the end of 2022: this is a unique and globally material data lake, our DeNexus Knowledge Center. This real-time, inside-sourced data – which is exclusive to second generation cyber quantification platforms like DeNexus - allows for dynamic responses to the cyber threat.
The dynamic nature of the cyber threat is one facet of the risk that creates uncertainty and doubt around exposures, because of a structural inability to apply historical event data to models.
In our view, however, the material sample of risk data that the DeNexus platform brings to cyber risk in renewables provides an opportunity (assuming deal economics are favourable) to pilot cyber ILS instruments which will demonstrate the viability and repeatability of cyber market ILS trades.
Furthermore, it is likely that both indemnity products and parametric triggers will be viable for cyber ILS solutions, reducing tale risks and shortening claim management processes that trap capital beyond an acceptable period for ILS investors. Also, the different needs of asset owners seeking protection in the renewables sector, as distinct from those of the fund managers and investors seeking to leverage the more traditional product, will drive diversity in the market.
If digital transformation is as fundamental to Net Zero as it appears, and if a cloud-enabled world is ubiquitous as trends out to 2050 suggest, then cyber risk capital opportunities are also going to be ubiquitous.
With insured cyber risk in the renewables sector at a very low level, this is a highly time-sensitive opportunity for cyber ILS, and one which is directly related to the core issue of our time - Net Zero carbon emissions and the associated growth in ESG structures and mandates that we will develop further in future blog posts.
Find out more DeNexus' about second generation risk quantification product here.