In her role as international and UK cyber team leader at CFC Underwriting, Lindsey Nelson oversees the cyber underwriting of the company and has a unique insight into the key challenges and opportunities within the market. Nelson utilised this insight to outline how the UK cyber insurance market has changed recently and the importance of educating brokers on this subject.
“The UK market has definitely changed from a cyber perspective in the last two years,” Nelson said, outlining how this has been fuelled by two key components. The first of these, she said, has been the huge interest in GDPR leading up to the date it became enforceable - but that only brought general cyber awareness and highlighted the existence of cyber policies, it didn’t sell them.
Read more: How to sell cyber insurance to businesses
The second major change within the UK market, Nelson outlined in her conversation with Insurance Business, has been the shift of focus away from privacy related incidents and the refocus on cyber insurance to cover topics like business interruption and cyber crime.
The developing understanding of the value of a cyber insurance policy in responding to cyber events is primarily the reason for this growth, she said, but she is seeing this start to plateau a little and this is likely a result of the way that it’s currently being sold.
A lot of the broker talking points currently being addressed, she said, are still focused on privacy related exposures with respect to clients who don’t necessarily hold large amounts of data behind them. There is also, Nelson said, an issue with comparisons being made to the US market which are being translated to UK clients but are not relevant to them.
“Business interruption is a good example of that,” she said. “In the UK market, we still need to get clients to understand that they have cyber exposures in the first place.”
There is, Nelson believes, a bit of a disservice in the way that some cyber products have been taken up. This, she detailed, is occasionally being led by some brokers who are taking complicated business interruption processes and using intricacies in the wording to sell products to clients who don’t even realise why they have exposure. As a result of this, she said, the UK market still only has a 10% penetration rate for cyber.
While the market has made huge strides in the last two years, she said, there is still a long way to go to create a market take-up closer to what CFC is seeing globally, particularly in the US where cyber take-up is evaluated at between 35% and 40%.
In addition, Nelson outlined how the hard market conditions have distracted brokers from selling cyber policies. In some instances, she said, brokers are not willing to take the time to learn about the product so they can speak to their clients and, in others, the topic is being avoided altogether.
“However,” she said, “the first year of these market conditions has now passed and we’re starting to see brokers focus on their new year resolutions and goals for their business and upselling efforts and actually refocusing that back on cyber again.”
Educating brokers and policyholders is the number one focus for CFC when it comes to increasing the market penetration of cyber and Nelson outlined how, over the last two years, the emphasis has been on real-life claims case studies as a key tool when it comes to this education.
She detailed how creating more of a narrative for clients helps them to understand what occurred, what costs were incurred and what coverage sections of the policy were actually responded to. What has proven particularly valuable when it comes to discussing cyber policies with brokers, Nelson said, has been highlighting how such policies are essentially access to a set of experts who are there to help clients when the worst-case scenario occurs. Comparing cyber to a kidnap and ransom policy is especially effective, she said, in that, regardless of what words are listed on the page, it’s who picks up the phone and the services that are provided that truly differentiates one cyber policy from another.
“Most clients of brokers need a coordinated response plan that is triaged appropriately from the start to manage costs and their own reputation,” Nelson said. “This seems to resonate with clients more so than nuances in policy language.”
Part of creating a deeper understanding of cyber policies is streamlining the process, she said, and creating simplified proposal forms so that there is no barrier to clients accessing the services on offer.
Looking to 2020, Nelson believes the central challenge and opportunity within the cyber insurance sector is the requirement of personalisation within this sector.
“Cyber isn’t a one size fits all solution,” she said, “and we need to make sure that we’re speaking to each individual client on more of a bespoke basis and really understanding what their exposure is and tailoring the policy towards that.”
There is no doubt that customisation is something of a buzzword for 2020, Nelson said, and, when it comes to this, data is always going to be the best asset for a company. With over 20 years of cyber underwriting experience, she said, CFC can refine this process, inform its decisions from an exposure perspective, and look at cyber policies on more of a bespoke level.
The company recently released a cyber risk heatmap to assist in this conversation where the biggest exposures were broken down by industry to highlight what should be focused on by each client. What will primarily help clients to stop thinking of cyber insurance as something unnecessary for their business, Nelson said, is the opportunity to take a step back and gain a genuine insight into their exposure.