The coronavirus pandemic has heightened the cyber and technology risks that Canadian businesses are facing today, yet questions remain around the cyber insurance market’s readiness to step up to the plate and adequately prepare insureds for the cyber challenges ahead.
Find out more: Learn everything you need to know about Cyberscout here.
“The increase in the prevalence of businesses having their employees work from home [has led to] a greying between personal lines and commercial lines risks,” said Thomas Spier (pictured), commercial director for global markets at Cyberscout, adding that while cyber risks were already rapidly evolving, “The pandemic has brought into focus a change in the way that people work and the fact that digital risks evolve on a very frequent basis and do so very, very quickly.”
While Cyberscout has not yet seen a dramatic increase in the volume of cyberattacks on Canadian businesses, what the team has witnessed is a change in the types and tactics of compromise that criminals are employing. Today, cyberattacks are more likely to be related in some way to the pandemic, such as fraudulent claims for government assistance, and, sometimes, that type of event is harder to deal with, said Spier.
However, many Canadian cyber insurance products have proved inadequate at keeping pace with these changes, though the cyber expert noted that Cyberscout sees a ton of potential in the Canadian cyber market because it fits almost perfectly equidistant between the European market and the US market, and as such, he said, “It’s primely position to take the best of both worlds.”
A key area for improvement in the current cyber offerings that exist in the Canadian marketplace is the value-added services that cyber insurers and brokers can provide to their clients.
“Many insurance brokers are broad-based experts in cyber insurance … but, sometimes, they need to step out of that insurance mindset and think about what the value and journey is for that customer,” said Spier. “If they can do that, then it will produce a better experience for those customers.”
When putting themselves into clients’ shoes, brokers and carriers can consider, ‘If I fell victim to this ransomware epidemic and had ransomware infect my system, what steps would I take?’ Cyber insurers need to think about the services and advice clients need, and which programs and policies would be able to include these types of services, alongside a limit of indemnity.
Moreover, instead of just bolting on cyber insurance as a ransomware extension to an existing endorsement – which puts insureds in the position of deciding their own cyber fate and whether they want coverage if they get attacked, and not recognizing the inevitable when of cyberattacks – cyber policies need to better reflect the risks that people and businesses face by including coverage as an add-on to commercial lines, package policies, business owners’ policies, or commercial combined programs.
“My hope is that as these programs develop and get more complex, and as they catch up with the rest of the world, that the Canadian market realizes both just how important these services are and that cyber insurance is something that needs to be rolled out to everybody,” said Spier.
And if the Canadian cyber insurance space develops in this direction, “Then there’s a huge amount of opportunity to really transform this market,” he added.
