When Lindsey Nelson, cyber development leader at CFC Underwriting, delivered the assertion that cyber insurance was “having its coming of age moment”, few could have known how uncommonly prescient it would prove to be over the last few weeks. In the thick of all the humanitarian tragedy and chaos resulting from the situation between Russia and Ukraine, there’s another conflict unfurling – a cyber war that is already seeing cyberattack gangs taking sides in the crisis.
Even for a sector as commonly besieged by uncertainty as the cyber insurance market, these are extraordinary and unprecedented times. Recently Reuters revealed that US banks are preparing for cyberattacks following the latest sanctions against Russia, while the credit ratings firm Fitch Ratings has already warned that cyber insurance policies may be put to the test by Russian attacks.
Analysis from Fitch has revealed that the conflict will test the efficacy of “war exclusion” and “hostile act exclusion” wordings, while a report from AM Best implies that the situation could place pressure on global supply chains and commodity prices, in turn burdening the insurance industry. AM Best also noted that an escalating conflict will increase the risk of a systemic cyberattack, while “heightened risk perception could lead to high prices in an already hardening market.”
What’s happening in the market is an acceleration of what has been steadily occurring over time – as the wordings of cyber insurance policies come under increased scrutiny and prices rise, all as the innate value of this coverage becomes clearer. Some insurance companies have been tightening the belts of their coverage restrictions for a while now, while others are implementing stricter minimum security controls.
As Nelson highlighted, however, cyber has shifted from a hard-to-sell product to a hard-to-buy product as driven by a supply and demand imbalance. Further restrictions in the availability of this cover, alongside pricing changes, are likely to cause significant concerns for businesses of every size – and many will be looking to their brokers to assuage them.
At the 2022 Professional Liability Underwriting Society (PLUS) Cyber Symposium, cyber brokers called for carriers to explain their actions to buyers – a message that should be heard and actioned across the wider profession.
The cyber market is acronym-heavy and hard to explain to the uninitiated, and it changes so rapidly that the lessons of today can appear outdated by tomorrow. But with cyber risk posing such a pressing concern and with so much uncertainty facing businesses today, brokers need to steel themselves not to look beyond those challenges but rather to embrace them as part of the task at hand.
The first step is to actively seek out all available support. Cyber carriers of every size and standing are producing quality thought leadership, as well as making webinars, conferences, demonstrations and guides available to brokers. Some have been doing this for many years and so there is a real wealth of information available across a variety of sources that could prove of immeasurable value to a broker and its clients.
Where this support is either not up to date or lacking in relevancy to the answer being sought by a client, brokers need to be in no doubt of the critical value that they offer the cyber insurance space – and be proactive in demanding accessible and timely responses from carriers. They need to be unafraid of asking the hard questions and the easy questions alike, as it’s only then you can pass on the right answer and be convinced of its accuracy.
The affordability of cyber insurance is a challenge to many businesses already, particularly given that it used to be so competitively priced, and ongoing changes in pricing don’t look set to come to a halt any time soon. However, cyber remains the largest exposure that most businesses face and the ever-evolving threat market ensures that this coverage needs to be headlining the agendas of businesses across the UK. So, when a broker needs assistance in explaining a quote or a policy exclusion, they need to be empowered to ask for advice from their carriers.
Equally, of course, brokers need to be proactive about asking for that advice, and offering insights into the support that they want from their partners. Without broker feedback, it is hard for insurance carriers to get a real sense of how the support that they do offer is being received by the wider market, or where a different approach would better serve the needs of insureds.
Communication is a two-way street and while it’s a busier street than at the moment, brokers need to have the confidence to petition for the right solutions where they are possible, and the right answers when they are not. After all, a broker’s role is not to know everything but rather to always know when and how to ask the right questions – an invaluable skill during such a bewildering time.
