Industry Issues | ERM & Emerging Risks

APCIA: "Cyber Security and Data Breach Requirements for Insurers" tops the list in the 2019 Emerging Risks Survey

To Members of the APCIA Enterprise Risk Management Committee:

The Final Results are in ... "Cyber Security and Data Breach Requirements for Insurers" tops the list in the APCIA ERM Committee's 2019 Emerging Risks Survey.

"Cyber security and data breach" was the top enterprise risk cited in the 2019 survey of the APCIA ERM Committee. Committee members were asked to identify the top 5 emerging risks that are most top-of-mind and relevant to their enterprise risk management duties.

80% of the 2019 survey participants responded that "Cyber Security and Data Breach Requirements for Insurers" was on their list of top 5 emerging risks.

This response is consistent with a comparable survey conducted last year with the legacy PCI organization. Those 2018 results saw the top 4 spots dominated by issues related to the developing complexity of risks and opportunities stemming from new technologies, innovations and the emerging digitization of insurance and its consumers. The 2nd to 4th spots last year were: 2) Use and Regulation of "big data" in predictive modeling and machine learning/AI analytics; 3) Insurtech innovations and tech-based insurer entrants; and 4) Offering of 1st and 3rd party cyber insurance, "silent" cyber exposures, and emerging legal theories for cause of action.

As the survey look towards 2019 and beyond, the enterprise risk management leaders at our APCIA member companies indicate priority attention devoted to responding to the evolving implications of promulgated comprehensive and enhanced cyber security regulations and related legislation enacted in an increasing number of states, as well as new comprehensive and enhanced state (potential federal and international) consumer data privacy and protection laws and legal standards. Extreme weather patterns and natural disasters experienced in 2017 and 2018 and the increasing political and activist attention towards climate change likely were the driving factors placing "natural catastrophes and climate change" in second place of the 2019 survey results. Rounding off the top 5 are: 3) the emergence of insurtech firms and technology; 4) impact from potential disruption in the federal and global (macro-)economic conditions; and, 5) regulatory actions on insurer's use of big data, predictive modeling and advanced data analytics.

The full 2019 survey results are provided below. A summary graphic is also posted on the Committee's industry issues web page. Further discussion on the survey results will be scheduled as part of our Committee's June 20, conference agenda in Washington D.C.

ERM & Emerging Risks: 2019 Emerging Risks Survey

Answer Choices


Cyber Security and Data Breach Requirements for Insurers (cyber-attack/data theft prevention, protection & response)


Natural Catastrophes: Extreme Weather Events and Climate Change


Insurtech Firms: Tech-based Insurer Entrants; Technology Innovation Specific to a Function Within the Insurance Industry Model


Federal and Global (Macro-)Economic Conditions: Capital Markets, Tax Reform, Trade Agreements, Interest Rates, Infrastructure Investment


Big Data: Use, Regulation of Big Data (3rd Party, data mining) in Predictive Modeling, Machine Learning/AI analytics


State Regulatory Overreach, Compliance Requirements: Data Calls; UW and Rate-making Restrictions/Limitations; Non-insurance Matters


Aging Workforce/Talent Gap


Digitized Consumer Behavior


Cyber Risk - 1st and 3rd Party Insurance; Silent Cyber; Emerging Legal Theories for Cause of Action


Cloud Data Storage/Migration; Cloud-based Services, including Vendors/Business Partners


Internet of Things (connected home and vehicle), Lifestyle/health Telematics, 3D Technology, Virtual Reality


Drones and Self-Driving (Autonomous) Vehicles: Personal and Commercial Use


Sharing economy: Transportation Network Companies, Home Sharing, Other On-demand Businesses


Blockchain - Product Development (smart contracts), Policy Management, Claims Administration


Artificial Intelligence (Cognitive Computing) and Robotics


Population Demographics impacting Health Care, Prescription Drug Usage, and Insurance


Industry Merger & Acquisition Activity


Environmental Social Governance Standards - Ethics, Sustainability, Social/Economic Equality


Federal and International Regulations Expansion or Intrusion into Insurance


Man-made Catastrophes, Disruptions (supply chain): Domestic & Foreign terrorism, Large Scale Cyber-attacks, Fracking, Mass Tort


Other Mentioned:

Litigation Financing