A cyber expert has advised brokers to focus their discussions on risk in a bid to get their clients to take the product seriously.
Nigel Phair, managing director at the Centre for Internet Safety, told an AIG-hosted event that brokers should offer real risk examples to help clients understand the true nature of their cyber risk.
“My advice is to start having that risk conversation about what are we trying to protect here? This comes down to what it means to an organisation,” Phair said.
“A lot of organisations don’t realise how technical they are and if they can’t operate, staff can’t enter the building because swipe access is connected to the internet, they can’t log in to their computers, and a whole lot of other what-ifs. How long can that organisation function for? That is when you have a real ‘coming to Jesus’ moment and that is when they start to know they have got to do something about it.”
Phair noted that many organisations don’t realise how “tech-heavy” they truly are until it is put to them in no uncertain terms. By focusing on the organisation’s risk, the impact technology has on their business, and the future direction of their business in relation to technology, Phair said that cyber becomes easier to understand.
“Return on investment from many cyber controls is a really hard sell,” Phair continued. “A lot of organisations like things they can touch and it is hard for them when looking at controls to work out which are the most appropriate for their organisation, which ones are the most cost-effective and which ones we can manage.
“Logically, cyber insurance will form a large chunk of that pool of control around the network and the people that work in that organisation.”