Every insurance carrier likes to put its own unique stamp on a product line. Whether it’s ‘the lowest premiums in the marketplace,’ or ‘the broadest coverage in the marketplace,’ the key aim is product differentiation. This can be both a boon and bane for insurance brokers. The benefits are obvious in that brokers are able to find the best possible coverage for their clients, but brokers also face dangers when dealing with policies that lack uniformity in nature.
One area where brokers are increasingly exposed to errors and omissions is Canada’s burgeoning cyber insurance market. Lisa Armstrong, managing partner at Strigberger Brown Armstrong LLP (SBA), explained: “As the cyber insurance market in Canada continues to grow, I think we’ll likely see an uptick in claims against insurance brokers – and that’s simply because the coverages offered and the policies written are not uniform. If a client doesn’t get the coverage they thought they wanted or thought they were buying, that could result in claims against brokers. I, personally, haven’t seen any of these claims yet, but it’s easy to imagine there could be disputes in the future.”
In this context, the last thing insurance brokers should do is avoid the cyber insurance market altogether. As the cyber threat landscape evolves and everyone with the even the slightest digital footprint gains exposure, it’s vital for insurance brokers to offer cyber insurance as an effective risk transfer mechanism. But before Canadian enterprises engage in widespread uptake of cyber insurance, there’s one major hurdle that everyone - carriers, brokers and clients included – must leap over.
“Education is probably the biggest concern when it comes to cyber risk today,” Armstrong told Insurance Business. “One thing companies can do to protect themselves is invest in professional advice. Cyber is such a complex are of risk right now – there are IT issues, HR issues, insurance issues, business continuity issues and legal issues. There’s a lot of visibility of cyber risk in mainstream media, but not many people are able to make the connection with themselves or understand how cyber risk might impact their own businesses. People are certainly making progress with this, but there’s still a long way to go.”
More about cyber: Frequency and severity of ransomware on the rise in North America
When dishing out cyber risk management advice, brokers should exercise caution, according to Armstrong. They should run through all the different elements of the risk and the potential impacts these elements might have on a client’s business, but they should avoid making concrete recommendations, she advised. Brokers might have if there’s a cyberattack involving a new strain of malware, and suddenly they realize the limits they’ve recommended are insufficient.
“There are people out there – insurance brokers, risk consultants and others - who are giving clients advice on how to protect themselves against cyber risk, but they aren’t covered by privilege in the same way that they would be in the context of legal advice,” Armstrong added. “If a client doesn’t accept those recommendations and then they have a breach and are sued, that could be a problem for the client because they’ve been told they have risk in their system and they haven’t taken the necessary steps to mitigate that risk. These cyber risk reports are actually creating a bit of a checklist for opposing counsel if a broker’s client gets sued as a result of a cyber breach.”