Revealed – the latest information required by brokers to sell cyber insurance

Why brokers need to be empowered to challenge their insurer partners' reports

Revealed – the latest information required by brokers to sell cyber insurance

Cyber

By Mia Wallace

This article was produced in partnership with CFC.

Mia Wallace of Insurance Business sat down with Lindsey Nelson, cyber development leader of CFC to discuss how brokers can meet accelerated market demand for cyber products.

In a recent feature with Insurance Business, CFC’s cyber development manager Lindsey Nelson (pictured) pinpointed the varied swathe of challenges currently impacting the cyber market - including the untimely intersection of accelerated market demand coming up against the brick wall that is reduced capacity.

For those brokers operating at the front-line of translating and communicating market shifts to their clients, the cyber space represents a real challenge. Given the ever-changing nature of the environment, keeping up to date with the latest information available is more critical than ever, as is brokers evolving the narrative they build alongside their clients.

“From a broking perspective,” Nelson said, “there needs to be rapid development re-framing the conversation with clients around the availability of limits they should have for extortion, to better incentivise clients to rebuild systems rather than make the business decision to pay the demand, which ultimately can be made as a case for fuelling crime. 

“Most cyber policies these days offer full limits for when clients opt to rebuild their systems and recreate that data rather than pay, and getting client buy-in upfront to make the decision as to whether they’ll pay or not pay before an incident happens is one worth tabling as a philosophical approach to solving crime.”  

Another recommendation that Nelson has for brokers is that they should be empowered with the knowledge that insurers conducting external scans of a client’s security posture to inform their risk selection can be challenged. Security reports are a great tool to share with clients to show how they benchmark against their peers, she said, but they’re only showing a fraction of a client’s vulnerabilities. As such they simply can’t be relied on in their entirety as a measure of a client’s true risk where the majority of their exposure lies in their internal infrastructure not captured by these scans.

She highlighted that brokers are and should continue to challenge false positives in the reports as part of that conversation and ensure the market they’re working with is only using them in conjunction with their proprietary claims data in-house to inform risk selection.  

Nelson added: “Insurers are changing the conversation using the data they have collected to determine what security measures are preventing claims, what industries are more susceptible to cyber risk by exposure alone and ensuring that the price reflects the fact that ransomware events are costing into the millions, not the hundreds of pounds of years ago.”

Brokers are key in the distribution chain in speaking to clients about specialist insurance products, she said. Cyber is no exception to that rule, and there is a reason why CFC continues to maintain a 100% broker intermediated distribution model. With cyber, specifically on larger and complex risks, brokers have been and will need to continue to be instrumental in preparing clients in advance of what can be challenging renewals to ensure they are viewed favourably by underwriters. 

“Equally,” she said, “they have been key partners over the last 12-18 months in providing the crucial context as to why insurers are requiring certain investments to be made into their IT infrastructure.  There’s nothing more frustrating than a client having to be told by their insurer that they need to implement multi-factor authentication, but where insurers are able to frame that around the fact that MFA has prevented over 80% of the ransomware losses seen across their portfolio, it helps align interests between client and insurer.”  

One of the silver linings of an increasingly volatile landscape is that brokers have seen first-hand that cyber insurance does in fact work despite reports for years stating otherwise, Nelson said. Cyber as a class of business has one of the highest acceptance rates of any product line, and being able to walk through the incident response process with a client allows them to articulate the value of cyber insurance working as a service to the client.

“Brokers have equally recognised that specialist products like cyber growing at a rapid pace requires specialisms internally,” she said. “The broker partners we’ve had the most successful partnerships with have built expertise in-house to have a focused drive on new business growth across their existing commercial portfolios, which is largely where the biggest opportunities lie – as well as alleviating the many hats brokers wear by providing a layer of expertise around quickly evolving cyber products.”

You can find out more about how CFC protects businesses against cyber risk here.

Lindsey Nelson has served the insurance sector for over 10 years now. As the cyber development leader at CFC, she leads the global cyber distribution strategy across CFC’s portfolio.

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!