Editor’s note: All this week,
Insurance Business America will take a closer look at market conditions, trends, key statistics and strategies for the cyber liability insurance market.
There’s no denying that cyber insurance has become an almost ubiquitous industry buzzword in the independent agency sector. Major and minor cyber attacks make headlines weekly, attached with an addendum to “sell, sell, sell!”
However, a recent report from Marsh & McLennan reveals that coupled with these publicized data breaches is an actual measurable change in client buying habits. In a testimony before a Senate committee in March, Marsh executive vice president Peter Beshar revealed that the number of clients purchasing stand-along cyber insurance increased by more than 20% last year.
It seems employers both large and small are no longer just window shopping when it comes to cyber insurance. They are ready to buy.
Even smaller employers are adopting cyber protection
As vice president of Encino, Calif.-based NAS Insurance, Michael Palotay has seen the change in cyber insurance clientele and their purchasing activity first-hand.
“Even compared to five or six years ago, the amount of interest in cyber has increased exponentially. It’s not really a coverage that only large insureds buy anymore,” said Palotay, who has been active in the space since the early 2000s. “Now, everyone sees the need. We’re seeing more one-doctor medical groups and little neighborhood grocery stores buying policies because they understand their exposure.”
Indeed, research from the Ponemon Institute confirms that most cyber breaches affect an average of 100,000 records—a relatively small sample size compared to the behemoths of the Target and Williams Sonoma breaches. And, as Palotay noted, “If these major retailers can be attacked, there’s really no reason to think mom-and-pop shops can protect their network.”
Where agents are stumbling
Meeting this increased interest is an incredibly soft and growing market, flooded each day with new entrants and new products so diverse Palotay believes it will take at least another 10 years for cyber liability insurance to become somewhat standardized.
In the swirling array of the shifting nature of cybercrime, an influx of new products and changing policy language, independent agents are a vital conduit to connect employers with the right carrier. However, too many agents are ignoring that role and the potential payoff out of fear of the ever-changing market.
Christine Marciano, president of Cyber Data-Risk Partners in New York, says now is the time for agents to abandon that prejudice and embrace all the growth potential the cyber space has to offer.
“A lot of brokers still don’t understand the product, and the broker mentality is if they don’t understand the product, they won’t talk about it with their client,” Marciano said. “They should start looking at the product, taking a look at the coverages that are offered, and bringing the topic into conversation with their clients.”
Approaching clients with confidence
In this pursuit, agents are not left wandering blind. Carriers like NAS Insurance offer training programs to independent agents and brokers, allowing them the advantage of the insurer’s expertise.
One way Palotay says NAS trains its agents to effectively understand and communicate the value of cyber insurance is by putting risk into real-world numbers.
“I think most brokers don’t feel comfortable bringing the subject up because they don’t know what they’re going to say—going to a smaller company and talking about these huge numbers that affect companies like Target is not really true,” he said. “What’s really true is discussing the exposure of that insured to give them an idea of how much one compromised record will cost.”
Palotay says based on the breach, NAS typically assumes $10 or $15 per record for adequate breach response. Through cyber liability insurance, that includes protection like forensics, continued credit monitoring and reporting of the breach to the proper authorities.
“If the insured stores 10,000 records and you assume that estimate, we’re talking $100,000 to $115,000 just to fulfill your regulatory requirements,” Palotay said.
The future of the market
Palotay sees the market continuing to evolve, with clients like small law firms, rural electrical utility companies and mobile merchants increasing their purchasing patterns. Until the market hits at least 80% saturation—which he estimates won’t happen in the next five to 10 years—agents must be at the top of their games to understand the exposure and reach those at risk.
And, according to increasing amounts of research, that’s everyone.
What's coming up: Be sure to stay tuned with this week’s InFocus topic, as IBA explores the markets with the most growth potential, common misconceptions many hold about cyber and how to appropriately match a client with the right carrier in an increasingly shifting market.