Negative search engine optimization, crypto-jacking, and new dominant strains of ransomware are just some of the cyber threats facing businesses today, and as these emerging risks continue to evolve, cyber insurers are trying to keep up in providing effective expertise.
“Cybercrime has just accelerated and proliferated so rapidly that it’s helping to create more awareness and interest in cyber insurance, and it’s also pushing those of us who provide cyber liability insurance to continually evolve the product,” said Jeremy Barnett (pictured), senior vice president of marketing and business development at NAS Insurance, and a panelist at the upcoming Emerging Risks & Innovation Summit in New York.
As a result of the progression in cybercrime, cyber insurance is transforming to become more than just a policy, and its experts’ roles are likewise changing.
“The value of a cyber insurer is really in the ability to pull together experts that can help the insured before an event happens as well as after an event happens, and to provide reimbursement,” said Barnett. “It’s not just about being insured for an event – it’s about being prepared and knowledgeable for an event, so the role of the insurer is different in this type of commercial insurance than in many other types of commercial insurance.”
In this shifting cyber landscape, where the risk is still relatively new, the broker also has a bigger part to play.
“The broker plays a role as an advisor to their clients, as far as what they need to be protected against,” explained Barnett, adding that not so long ago, understanding how much data – customer data, patient data, and employee data – was at risk and managing recordings was crucial to help determine a company’s cyber risk, and come up with sufficient coverage.
“Now, the risk is so much more than that, where cybercrime implicates a business interruption type of loss as well, and brokers as advisors also have to help their clients understand what’s at risk if there is a cyber incident and they can’t conduct business. What kinds of losses are associated with that, if their computer systems are down or if there’s a ransomware virus that prevents them from operating, and for how long, and if there needs some sort of ransom payment, how much will that cost? Estimating the amount of coverage, and what type of coverage, is continually evolving as the cyber risk continues to grow.”
As a result, brokers have to be a savvier technologically than they’ve been in selling other types of professional liability insurance, according to Barnett.
“Getting education from their carrier partners is essential, especially in educating and building more awareness with small and medium-sized enterprises,” he told Insurance Business, since larger companies tend to have sophisticated in-house technology resources already, such as CIOs, CTOs, or CISOs. “For a lot of the mid-sized and smaller businesses, they don’t have that type of expertise in-house and so, in some ways, the risks are even more severe because there aren’t a lot of people in-house to take preventative care of their infrastructure or their systems.”
In turn, the broker has to help the buyer of insurance understand what the cyber insurance covers and what it doesn’t, in addition to the risk mitigation strategies companies can implement to protect themselves. As part of their education, insurance professionals in the cyber space need to share their knowledge among each other, and keep lines of communication open to ensure that everyone is on the same page when it comes to understanding this emerging risk.
“We all have to get beyond the jargon and the lingo and the superficial understanding of what is cyber and data privacy, and talk more about the real world scenarios and the claims that we’re seeing and the types of cybercrime events that we’re dealing with because the cybercrime economy is much bigger and the cyber criminals are much more sophisticated than ever,” said Barnett. “We can all talk about stuff that is real and practical and happening every day, and where the real concerns are, and get beyond the mode of the buzzwords.”
Take a deeper dive into this issue at the Emerging Risks & Innovation Summit in May 2019.