Choosing the Right Cyber Insurance Policy

Cyber Liability Insurance can be overwhelming for both agents and their customers.  Most agents have not been trained on how to sell it, and most commercial insureds don’t believe they need it or have any risk.  Bridging the gap between the two requires an understanding of what the Cyber Liability Insurance policy in question really does cover, and how it relates to the Insured in question.

So why is choosing the right policy so important?  Let’s start with a couple of basic truths about Cyber Insurance, the digital world in which we live, and who is really at risk:

  1. Everyone with a network or a routine connection to the Internet has been breached.
  2. All commercial insureds (corporations, nonprofits, public entities/schools) have some form of risk covered by a Cyber policy
  3. The overwhelming cause of the such risk is the employee

This means that if you fall within 1, 2, or 3 above, you are in need of Cyber Liability Insurance, and unlike other insurances, the price of such insurance is far less expensive than the cost of out of pocket expenses for an event.

For example, although you pay for car insurance, you may choose not to file a claim if the damage is less than the possibility of paying higher premiums in the future as a result.  Cyber is not like this.  The average Cyber claim exceeds $200,000, the average Phishing attack loss is near $100,000, and these continue to rise.  Yet, Cyber prices continue to remain competitive and inexpensive.

In choosing your client’s Cyber Insurance policy, you must look at each coverage part as its own policy in itself.  Be sure to identify what the top threats are for each specific industry class you are working in, and prioritize those risks as compared to the coverage the carrier is providing.  What you are trying to do is marry the client exposure to the carrier coverage in your best attempt to avoiding the gapping of coverage through underinsurance or uninsurance.

Finally, keep a clear perspective of Cyber Insurance as a digital asset package policy.  There are many moving parts, and understanding how they work with each other is the key to choosing the cyber policy.  Follow these steps and make the right choice:

  • Identify what the top perils are for the industry class in question
  • Prioritize the top 3 perils in order of importance of coverage
  • Market the risk to carriers who have strong forms in those perils
  • Recommend the preferred choice based on the first 2 steps.

Remember, Cyber is like a forest fire.  Once a fire breaks out in one place, very quickly it had spread to multiple fires at the same time.

Comments are closed.