Understanding commercial cyber coverage
Original authors Insurance Business Canada.
With only 30 years of history to call on around cyber insurance, and in a space that is constantly evolving, trying to balance the intake of premiums with outgoing claims has been a challenge for commercial cyber insurers with so much of the market still new and unknown.
In today’s hardening market it has been particularly difficult to have enough in reserve to pay for claims. So what can brokers do to help the cause and provide the best risk management practices for clients, to in turn reduce the likelihood of claims or at least lessen their impact?
Karen Benell, an account executive at Gifford Carr, told Insurance Business that “unfortunately, with cyberattacks becoming more sophisticated and the incredible increase in crime that we’re seeing, the premiums are going up and underwriting cyber risks is becoming much more challenging.”
More and more commercial clients are recognizing the need for cyber insurance as part of their risk management practices in order to protect employees and their assets. The problem is that the majority of clients are not as tech savvy as the criminals are, so there are still a lot of vulnerabilities that have yet to be addressed.
Insurance companies are now partnering with IT firms on vulnerability scanning technology, and it is hoped that easier access to these scans will help manage risk and ultimately cut back on the number of claims coming in.
“One of the positives is the insurers who are trying to cover cyber risk have engaged with different vulnerability scanners and are finding them earlier and advising clients about opportunities to fix them,” Benell explained. “The downside is they can’t get insurance unless those vulnerabilities are fixed.”
All commercial clients need cyber coverage now, and, with businesses operating remotely, there’s even greater risk of an organization being attacked and having sensitive information stolen, held for ransom, or exploited.
“Clients are most worried about their loss of data,” Benell noted. “Once a vulnerability is exposed and you fix it, the cyber criminals are already working to find another weakness. It’s a constant process of trying to keep our cyber exposures protected.”
Having ongoing education on cyber hygiene with commercial clients not only reduces risk but allows for exposures to be more easily detected and mitigated.
Benell explained that at Gifford Carr, brokers are encouraged to take courses and attend meetings to understand the intricacies of cyber language when creating policies for clients.
“As brokers we have to be responsible and read our wordings to ensure we’re selling what the client needs,” Benell explained. “It’s not a cookie cutter product and you have to be careful.”
“Your underwriters are a big resource,” she added. “They’re very knowledgeable and if you have the opportunity to ask them about cyber liability companies, they can offer a wealth of information to help brokers best serve clients.”
Underwriters are the ones dealing with these unique, complex cyber products and building that relationship is an extremely beneficial risk management strategy for brokers.
“I hope for a more collaborative environment when it comes to risk management in the future,” Benell said. “It’s a trend I’m beginning to see and hope it develops even further moving forwards.”
Client-broker education, broker-underwriter communication, and having the necessary tools to assess cyber risks are all necessary strategies in reducing commercial cyber claims and bringing more stability to the marketplace.
“On the commercial side, I hope more and more clients enter the space for rate adequacy – when the risk is spread out, it’s much easier,” said Benell.