One of the largest cyber insurance providers in Australia is officially showcasing a new offering in Sydney today. The London headquartered cyber team from CFC Underwriters has arrived to showcase the cyber offering to local broker partners and underwriters while cruising the harbour.
“We’re basically offering a fully integrated, start to finish, in-house claim solution in Australia,” said international cyber team leader, Philippa Davis (pictured above). "We've built an entire team who focus on preventing cyberattacks for clients and it's the largest specialist team in the world that does this".
The specialist insurance provider launched the offering globally several months ago, said Davis, including in Australia.
“We’ve been trading in Australia for over 15 years and it’s one of our core territories,” she said. “We’re actually the largest standalone cyber insurance provider in Australia.”
Davis estimated that more than 9,000 businesses use CFC for their cyber insurance. The firm, she said, has 15 underwriters solely dedicated to writing Australian cyber accounts.
Davis said a demonstration of CFC’s commitment to Australia is the investment in a claims and instant response team.
“We’ve got a team of 30 instant response specialists on the ground on the Gold Coast,” she said. David Rudduck, who heads up this team, is attending the harbour event.
Part of the new offering on show today includes expanded cyber response services.
“We’re really the first insurer to establish a cyber threat analysis team,” said Davis. “Their sole job is to identify new threats and work with our insureds to prevent attacks before they actually happen.”
Davis suggested that one main difference between their offering and other cyber insurance is this focus on insurance as a service.
“Typically, we think about insurance as a piece of paper that promises to pay valid claims,” she said. “In other product lines that is true, but in cyber insurance we think that’s it’s so much more than that.”
Over the past couple of years, she said, CFC has shifted its offering towards cyber services.
“Now our offering is much more proactive and what it does is help our policyholders identify potential claims and fix the problems before they actually happen,” said Davis.
Another feature of their offering, she said, is how it “can actually influence the behaviour of the risks through the policy term.”
Davis said their cyber threat analysis team does this by creating tools which proactively scan their portfolio to find vulnerabilities.
“What we also do is create what we would call claims intelligence to see which risks are specific indicators or potential claims, so that we can better predict them,” she said.
This threat intelligence is shared with policyholders. She said the scale of CFC’s global operations is a big help because their intelligence sources come from a broad range of resources including private sector, government feeds and CFC’s in-house proprietary feeds.
“It’s not just being able to collect this threat intelligence, it’s also about having the ability to then act on it and disseminate that to potentially thousands of policyholders,” said Davis.
As a consequence of their proactive approach to cyber protection, Davis said their claims frequency is down “compared to a lot of our peers.”
Indeed, Davis suggested there are considerable opportunities for cyber insurance growth in Australia.
“One of the challenges that we’ve seen in the Australian market in particular is the lack of competition in response and cybersecurity services which has led to unnecessary costs for customers,” she said.
Davis estimated that, despite recent high profile cyberattacks like the Optus breach, the penetration rate among Australian SMEs is less than 20%.
“If you benchmark that against the fact that 98% of Australian businesses are SMEs, what this shows is that there’s so much more opportunity for our growth partners,” she said.
Read next: Lloyd’s concludes cyber investigation
Earlier this month, Lloyd’s of London was the victim of a cyber threat.
“Last week, unusual activity was detected on the Lloyd’s network,” said the firm in statement. “As a result, the proactive decision was made to take some systems offline and perform a cybersecurity investigation.”
Prior to the conclusion of the cyber investigation, Lloyd’s said it wouldn’t reconnect the systems until it had the confidence that they were fully secure.
“The investigation has concluded that no evidence of any compromise was found, and as such Lloyd’s has been advised that its network services can now be restored,” said the statement.
No details about the cause of the activity were released.