<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=1354242&amp;fmt=gif">

03.07.19

Corvus Team

Cyber Policyholders Need Security Data - Brokers Can Help

Why Brokers Facilitate the Implementation of Security Programs

Few Cyber Insurance Policyholders Have a Security Program in Place, Which Creates an Opportunity for Insurers and Brokers

For large businesses, cyber risk is a fact of life. After the spate of privacy breaches and ransomware attacks experienced by companies with household-name brands, including the WannaCry and NotPetya attacks of 2017, cyber risk shot up to the top of lists of business risks. A recent survey of large businesses from Willis Towers Watson suggested that 85% of US employers and 72% of UK employers consider cybersecurity to be a top priority.

In general, these companies have the resources to take on the issue of cyber risk head-on with well-developed IT policies and programs throughout the enterprise. But if you’re not a Fortune 500 company (or even a Fortune 1000 company) are the headline-making events of the last few years enough to coax you to take action?

Most would answer yes, with some caveats. One way to look at this is by looking at the market for cyber insurance. The steady growth not just in the enterprise segment, but also in middle and small business segments, speaks for itself. Within the SMB segment, first-time buyers of cyber insurance policies grew an average of over 30% each quarter for the year leading up to Q3 2018. That is substantial growth.

Yet awareness of the issue, and the penetration of cyber insurance, doesn’t provide a complete picture of risk, or what companies can do about it.

A recent survey from the Council of Insurance Agents and Brokers (CIAB) found that just 37% of commercial brokers’ clients have a security program in place to prevent or mitigate the effects of cyberattacks. These clients run the gamut from SMBs to the largest enterprises. The number is surprising given that this is a sample of companies that we already know have cyber insurance - so they are certainly aware of the risk, and willing to take steps to mitigate their financial exposure. Yet few have put procedures and programs in place to prevent the events they are insured for.

Security Programs Are a Major Opportunity for the Insurance Industry

Companies of all sizes are clearly looking to insurers for help to protect against cyber risk. While the world's biggest companies are already backing up their cyber insurance policies with standardized security procedures deployed across many thousands of employees and applications, companies in the vast middle market, including many large businesses, are not. The insurance industry serving this market can surely underwrite the risk and provide policies -- but we can also help provide the knowledge companies need to help push toward safer practices and policies for cyber.

Data Is the Key to Innovation in Today’s Business World

As cutting-edge cyber insurers develop new means of identifying and pricing cyber risk, the next frontier should be deploying that knowledge in ways other than simply fueling a premium and coverage decision. The opportunity is there for insurers to arm brokers with data about their clients' vulnerabilities. In turn, brokers have the opportunity to relay that information to clients, ensuring they understand it. The challenge for everyone throughout the insurance value chain is presenting data clearly, making it actionable for the policyholders.

The CIAB survey noted that 85% of brokers have a "strategic approach to marketing and educating clients about cyber risks." It's time for insurers and brokers alike to take it a step further. If clients can get their hands on actionable information about cyber security -- armed with the knowledge of what it means, and what to do about it -- it could mean fewer claims, lower premiums, and a safer web environment for everyone.

[RELATED POST] The Privacy Problem: A Conversation on Pixel Tracking with Experts from BakerHostetler

The Privacy Problem: A Conversation on Pixel Tracking with Experts from BakerHostetler

On January 5th, we hosted a webinar with Lynn Sessions and Paul Karlsgodt of BakerHostetler to discuss pixel tracking technology, the culprit behind the latest ad tech litigation and regulatory trend. Below is an exploration of prior and current website tracking litigation, and how it may impact non-regulated industries. 

[RELATED POST] Insurance’s Watershed: Lean Into Cyber, or Fade into Irrelevance

Insurance’s Watershed: Lean Into Cyber, or Fade into Irrelevance

At its best, insurance helps businesses manage and mitigate the risks they worry about most, and helps make everyone safer along the way. The data insurers have on effective interventions — and the lever of pricing to guide policyholders’ actions — are a powerful combination. Over time, the insurance industry has helped make buildings, work sites, and transportation safer – the key uncertainties people cared about.