“We’ve seen a number of high profile and respected insurance professionals suggest that the cyber insurance industry is no longer viable as a market,” said Anthony Di Fiore (pictured above). “There’s also been a number of well-respected insurers pull out of this class of insurance for the same reasons.”
Di Fiore is specialty risks manager for Adroit Insurance and Risk, a Geelong-headquartered firm. He’s a broker with expertise in cyber coverages.
News reports across the globe suggest many cyber insurance stakeholders are deeply concerned about the rising premiums and viability of the market.
“For cyber insurance to be viable—and perhaps ubiquitous—some things are going to have to change,” said a recent Forbes article. Other reports suggest a number of insurers have pulled out of the cyber market altogether.
Di Fiore said one cyber insurance challenge is the lack of historical actuarial data.
“Whereas for other industries, we have 100s of years of data, the cyber industry is much newer and we don’t have that historical data,” he said.
Another challenge, he said, is the constant rise in claims activity and the “ever changing nature of the risk”.
“It is a bit of a cat and mouse and the insurers are typically reactionary rather than proactive,” said Di Fiore.
However, despite this cyber insurance doom and gloom, he said he remains positive.
He suggested some insurers are “moving forward” and adopting a “proactive approach” that aims to prevent a breach before it occurs. Di Fiore said CFC Underwriting – his insurance partner – is an example of this.
In a recent interview with Insurance Business, he discussed CFC’s in-house threat analysis specialists.
“They use proactive scanning, dark web monitoring, look for vulnerabilities and they share knowledge with private businesses and government organizations across the world to try and identify possible breaches, possible malware and possible criminal organizations,” he said.
Di Fiore said the agency would then identify the clients who could be a target and notify them.
He said by taking preventive steps like this, insurers “are then able to maintain strong policy coverage rather than trying to reduce policy coverage to address increasing claims.”
He said a proactive approach is “the way forward for our industry.”
One interesting and counterintuitive result of the recent high profile attacks on Optus, Medibank and Latitude is that they haven’t necessarily convinced many SMEs that they should have cyber insurance.
Di Fiore said few SMEs relate to these big companies. When he approaches them with a cyber insurance offering SMEs often say they’re too small to need cyber, don’t collect financial or medical information and don’t sell online.
“Trying to relate cyber back to them is really important in terms of how it relates to their business,” he said. “One of the important tools that we have through CFC is policy limit benchmarking.”
This form of benchmarking looks at the cyber risks for similar clients in similar industries and calculates how much cover a firm in the industry space could need.
“I think it helps clients assess where the true exposures are in their business,” said Di Fiore.
Last month, the winner of the Actuaries’ Institute’s annual Young Actuaries’ Public Policy Essay Competition suggested a solution to some of Australia’s cyber challenges.
Twenty-three-year old Marcus Stavrakis proposed that a reinsurance pool would provide better access to insurance and improve cyber risk management, especially for SMEs.
“I wanted to think of a genuine solution,” he told Insurance Business. “We always talk about cyber, it’s a lovely topic and execs always want to talk about it, but when you ask them for a solution, the smoke clouds kind of come up,” he said.
Are you a broker? What do you see as your cyber challenges? Please tell us below