The role that cyber insurance plays in the operational resilience of businesses has been uniquely highlighted during the COVID-19 pandemic. The rapid move to remote working increased the visibility of cyber security concerns and exposures. For many, this crisis has been an opportunity to assess their exposure and to move against the threat it represents to their business continuity.
In a recent report by the global cyber insurance analytics platform CyberCube, the role of the insurance broker was assessed with the conclusion being that brokers play a fundamental role in completing the cyber jigsaw.
Discussing this report with Insurance Business, client services manager at CyberCube, John Anderson (pictured), detailed the key conclusions.
“As the report highlights, given the complex and varied policy language that exists in cyber policies from insurance carrier to insurance carrier, there has been a need for further specialization to understand the nuances in policy language,” Anderson said. “Having a trusted partner that can advise a potential or existing cyber insurance purchaser is in demand.
“Part of the reason a client is going through a broker, and not directly to an insurance carrier, is that they need an intermediary that can help them negotiate policy language, coverage, terms and conditions with those they have relationships with as there are a number of options in the market. Brokers are critical to this end, and that is what they are paid for.”
For brokers looking to carve out a proposition in the cyber insurance space, Anderson noted that while there has been an emergence of specialisation in the sector, more generalist brokers can also operate successfully.
“There is a wealth of data out there that can be consumed from conversations with clients,” he said. “By capturing, synthesising, and displaying the data in a digestible format, brokers are able to combine their skills and market connections with real tangible data and insights, and can continue to play the role of trusted advisor for their clients with some additional tools in their toolbelt for cyber risk.”
While cyber policy standardisation would certainly help brokers provide advice around cyber policy language, Anderson said, it is unlikely to happen and is really only one piece of the equation. The real value comes in helping clients understand their risk, and supporting them with internal and external conversations around whether they need to change their habits, and how this risk interplays with other perils.
Looking to the impact of the COVID-19 pandemic, Anderson does not believe that the crisis has highlighted the need for brokers to provide advice, so much as it has been a great opportunity for brokers to educate their clients on cyber risk, and find solutions in these trying times. The current threat landscape has shifted in part due to the increased pressure placed on companies forging ahead with work-from-home policies, and an increased reliance on remote IT security.
“The scramble and potential oversight of securing parts of their network has definitely left companies exposed to new threat vectors, and we’ve seen threat actors take advantage,” he said. “There are some great talking points and understandings around ways that brokers can educate their clients. Their clients have already been coming to them trying to understand cost savings, and other new risks they are exposed to as a result of the pandemic; brokers should be using this time and their position as trusted advisors to help clients understand the full scope of their risk across several perils.”