The insurance industry is split on how to deal with one of the biggest emerging exposures: should theft via a hack be covered by a criminal policy or a cyber one?
It’s a grey area where just one policy may not be enough to battle against a hooded figure behind a screen stealing cash out of a business’s bank account or holding its data captive.
While a crime policy may indemnify a hacked policyholder for a ransom amount, it may not respond in the event an employee gets tricked into handing over account access through a social engineering scheme. And though a cyber policy would respond to a hacked account with counter measures to a ransom demand, the policy may not necessarily be built for something like business interruption.
However, Greg Markell, CEO of the cyber-only MGA,
Ridge Canada, is confident that there are solutions out there - all-encompassing coverages do exist and Markell said
Ridge Canada was one of the MGAs offering them.
But once you have the cyber or crime policy with high enough limits and wide enough coverage for a cybercrime, how do you actually get people to buy it? Markell describes the Canadian market as “a greenfield” where everyone is buying, even beyond the typically interested industries like pharmaceutical and retail. Despite the rosy outlook, smaller companies are notoriously harder to persuade of the need for cyber coverage even though small organizations are often targeted because of their limited resources.
Markell suggests asking: “How long do your systems have to be down for it to impact your business?” He also advised following up with questioning what companies rely on in the event of a shutdown, because that’s where many liabilities lie.
Similarly, he suggests contrasting the fact that insurance for fire is mandatory but the likelihood of an office building burning down in 2017 is much lower than a business getting hacked. Markell believes those conflicting facts highlight the changing face of business and are useful for brokers trying to sell cyber products to smaller clients.
Related stories:
Google, Facebook hit by $100 million cyber attack
Revealed: Crime insurance’s hottest topic