June 16, 2023

Don’t Buy a Cyber Policy

Cyber

3 min read

Allen Blount, National Cyber & Technology Product Leader

The headline of this article probably strikes you as out of touch with the current state of the cyber marketplace. Both the frequency and severity of cyber-related claims are multiplying. Also, ransomware claims continue to escalate, and it’s estimated that 90% of US companies experienced a cyber-related event by the end of 2022.

Cyber insurance considerations

As you can imagine, the rise in both frequency and severity of incidents has created tremendous pressure on carriers offering cyber coverages. That pressure is compelling carriers to increase pricing, reduce coverage limits, remove cyber sub-limits from non-cyber policies, and push more risk on insureds in the form of higher retentions. So, if all this is happening, then why in the world would we say, “Don’t buy cyber coverage”?

Because in today’s environment, you need more than a policy. You need a cyber process — an approach that includes but delivers much more than an insurance policy.

We’ve all heard the adage that a doctor cannot prescribe the correct treatment if they haven’t done a thorough examination. The same holds for cyber coverage. How in the world can you get the right cyber coverage if your broker hasn’t assisted you in a thorough examination and assessment of your risk? The answer is they can’t.

Evaluating cybersecurity risks

Ideally, a broker slows down the buying process — conducting a thorough assessment of your IT infrastructure and existing cyber risk mitigation measures to ensure the policy you purchase responds properly at the time of loss. Getting cyber wrong can put the financial health of your organization at risk and possibly even force you to close the doors.

Here are seven key areas where a specialty broker provides insights and support:

Education – Industry trends, threat assessment, regulatory overview

Risk Assessment – Vulnerability scan, third-party assessment, incident modeling

Risk Management – Tabletop exercise, incident response planning, employee training

Risk Finance – Carrier, self-insurance, captives

Policy Creation – Manuscript to your unique profile, recommended limit, peer benchmarking, retention analysis

Incident Response – Coverage counsel, data breach coach, monitoring counsel

Claims Handling – Reporting, broker advocacy

To learn more, please reach out with questions. If you’re interested, ask for the assessment document that helps you start the process of getting your cyber coverages right.

Find Allen Blount on LinkedIn, here.

Connect with Risk Strategies Cyber Risk team at cyber@risk-strategies.com.

About the Author:

Allen Blount leads the Cyber Team at Risk Strategies. He specializes in both cyber insurance and tech E&O (errors and omissions). Prior to this role, he spent 12 years with Zurich North America, gaining extensive experience as a Cyber and Professional Liability Underwriting Manager. Before his insurance career, he practiced law.

The contents of this article are for general informational purposes only and Risk Strategies Company makes no representation or warranty of any kind, express or implied, regarding the accuracy or completeness of any information contained herein. Any recommendations contained herein are intended to provide insight based on currently available information for consideration and should be vetted against applicable legal and business needs before application to a specific client.

See all posts