The small business cyber gap

The small business cyber gap | Insurance Business Australia

The small business cyber gap

Cyber insurance might seem like a topic that’s never out of the spotlight, but brokers can do more to help small businesses fully understand their exposures

The past several years have brought cyber attack after cyber attack, often leaving a trail of business downtime, financial loss and even legal action. Add to that the growing global focus on data protection, catalysed by the Facebook–Cambridge Analytica data scandal and a clampdown in regulation, and insurance brokers have had no shortage of evidence to make their case for the necessity of investing in cyber insurance.

But while most large companies are well versed in their cyber exposures by now – and are typically pumping a significant amount of cash into both cybersecurity and insurance programs – many businesses at the smaller end of the scale are struggling to grapple with the extent of their cyber risk, and are underinsured or even uninsured as a result.

“Smaller businesses ... have been forced to spin a lot of plates, complicating the decision-making process” - Paul Tombs, Zurich

For brokers, that presents both an opportunity and a challenge: An underserved client base offers opportunities for further cyber growth, but clients need to be better informed, educated and supported around the risks that they face.

In September, research from Argo Group revealed that a staggering 100% of brokers in the US and UK cited cyber threats as a medium- or high-priority emerging risk in the next 12 months, followed closely by virtual technologies and the Internet of Things. Similarly, Zurich found in its latest broker survey that cyber cover remains the dominant issue among SME clients – almost two in five brokers reported that they’re providing regular counsel to their smaller clients on the topic.

But while cyber does increasingly seem to be on the horizon for SMEs, the reality is that with fewer resources, managing the risk can be a difficult juggling act. “Smaller businesses in particular have been forced to spin a lot of plates, complicating the decision-making process and stretching many businesses to the breaking point,” says Paul Tombs, head of SME proposition at Zurich UK.

In addition, business both large and small are growing more reliant on technology and data, which means the stakes are only increasing when it comes to the ramifications of cybersecurity failings.

“The impact on their reputation of getting it wrong has increased significantly,” Tombs says. “If something does go wrong, it can now spread a lot quicker than it has ever done in the past.”

As a result, brokers need to provide a more holistic service to smaller business clients when it comes to cyber, which should include tailored advice that covers both insurance programs and pre-loss risk mitigation.

“I think the important piece here is really understanding what the end client needs as part of this,” Tombs says. “From an overall proposition perspective, you need to [have] the right product, the right pricing structure and make sure it is relevant for those smaller SME customers, compared to larger customers. The key message for brokers is to continue to talk to their clients and educate them on the risks that they face now, but also the emerging risks. It’s about risk assessment, advice, understanding SMEs’ needs and putting the right cover in place. That’s the key role of a broker.”

Peter Goddard, managing director of Daulby Read Insurance Brokers, says that much of the current attention in the cyber insurance realm is focused on the ‘Hollywood’ accounts, leaving small businesses underserved. As a result, cyber is not just the biggest focus for his business, but also where he sees the biggest growth opportunities.

“With SMEs, there is a massive disconnect between what they do and where they buy or don’t buy insurance” - Peter Goddard, Daulby Read Insurance Brokers

“With SMEs, there is a massive disconnect between what they do and where they buy or don’t buy insurance,” he says. “I think where the whole market is at the moment, we’re not doing much to help them with their risks and getting them to understand what those risks are. There’s quite a long way to go in talking to SMEs and getting them to realise it’s a necessary form of insurance.” Cyber, data and technology will undoubtedly remain under the global microscope, so cyber insurance and cybersecurity offerings will continue to top the agenda for businesses of all size. Brokers who can help plug the gap that currently exists for small businesses by offering their clients both education and support are likely to see continued growth in their cyber books.

“There are absolutely growth opportunities for brokers,” Tombs says, “and I think that’s because there’s a real demand and a need for the cover from the end-client base.”