Whilst cyber as a specialist line has been growing for the past few years, knowledge of cyber risk diversity amongst clients and brokers seems to have stalled.
This is surprising given that technology connects millions of people both in business and socially, due to the rise of connected devices and access to information.
This has given rise to a new breed and number of hackers who have the ability to launch cyber-attacks. Couple that with the rise of cyber warfare between nation states and you have a highly advanced ecosystem for cyber risks to cultivate in.
To ensure brokers are delivering the best service to clients, it is important that they understand the diversity of these risks. Cyber-attacks come in a number of forms, including hacktivism, denial of service (DoS/DDoS) attacks, cyber extortion, network interruption and data breaches.
These can arise from a number of sources; internally (disgruntled staff, lost devices, poor data encryption), or externally (hackers, third-party vendors losing data).
Brokers need to ensure they are up-to-speed with the latest cyber risks and understand how those risks may impact their clients. If your client hasn’t asked for cyber insurance, they may assume that a breach is covered by their general liability policy or similar.
This is often incorrect, as general liability tends not to cover businesses if the loss of data in a breach doesn’t result in any tangible property damage or injury. So in order to protect against the specific, varied threat of cyber, a bespoke risk policy is needed.
It is important for brokers to understand and communicate the complexity of cyber risk in order to offer appropriate coverage. Clients are understandably focused on running their businesses, and so will either assume their existing policies are adequate, or will look to the broker for guidance.
Not being able to communicate the nuances of the risk class clearly can result in potential lost business.
So what information should brokers be seeking from their clients before they take a risk to underwriters? It starts with the basics: what sort of data does their business hold? How is it protected? What are the consequences of a breach? How educated are employees on prevention procedures?
These are some of the most fundamental questions any good broker should be asking their client, before they consider which underwriter to approach.
If you don’t, you can be sure the underwriter will send you straight back to the client with these questions – and more.