Cyber insurance was a hot topic in the insurance sector throughout 2019 and is showing no signs of slowing down as 2020 swings into gear. New efforts to educate both brokers and policyholders on the value of this cover have been largely successful, and news stories regarding high-profile cyberattacks have raised the profile of the risk.
At the 2019 NetDiligence Cyber Risk Summit in London, Insurance Business spoke with Bethany Vohlers, senior manager, cyber, at AIR Worldwide, to discuss whether the insurance sector is ahead or behind the curve of understanding cyber risk and how data modelling is essential for the broker model.
Discussing how she first became involved in cyber insurance, Vohlers stated that cyber insurance is unique in that those working in the sector very often did not find a traditional route to their role. In other lines of business within the insurance industry, she outlined, people tend to have started out somewhere else in the industry and moved from there.
“Cyber is where you tend to find a lot more diversity,” she said.
Vohlers came into her role through her interest in technology, her understanding of the science behind the protocols which dictate cyber insurance and her love for big data. With any kind of data, she said, there’s a story to tell and you have to identify what that story is. This complements the technology-focused side of cyber, she said, as you need to process this data to come up with new approaches to managing and analysing cyber risk.
The same view of risk that has been enabled within the banking sector when it comes to real-time decisions being made based on data, is translated into insurance as well, Vohlers said. She outlined how, in her current role, she is encouraged to learn about the new threats which insurers are facing on a day-to-day basis.
Discussing whether the insurance sector is ahead or behind the curve of cyber risk awareness, Vohlers outlined how the view of cyber in banking is more inwardly focused. There is increased motivations for hackers to target those institutions, she said, so new technologies and controls have been to put in place to help identify risks in real-time.
For the insurance sector, she said, the problem is simply different. When you have a data breach, she stated, insurers have to have a more generalised and standardised approach, particularly when it comes to medium-sized corporations and SMEs.
“From a cyber perspective,” Vohlers said, “you can’t monitor every insurance network. So, the question is – what general concepts can we apply across the board for all our clients?” This is where data modelling and pricing methods aid in the creation of relevant cyber policies, she said.
Throughout its catastrophe modelling and risk assessment services, AIR Worldwide is responsible for helping its clients understand before a risk is signed on whether it is a worthwhile risk, Vohlers outlined. Once the risk has been signed, AIR helps makes sure that clients understand whether the risk is still within their appetite. However, the responsibility for making sure that policyholders understand cyber products remains with the brokers and insurers, she said.
“The broker is key,” she said, “as they really communicate between the user and the clients, and they help to interpret the meanings behind the policies.”
This communication is more vital than ever, Vohlers outlined, due to the substantial amount of movement in terms of coverages and policy wordings in the cyber insurance market.
“Hopefully,” she said, “brokers are bringing in a level of cyber expertise to their teams but they still need a model that’s got the research and the actual domain knowledge and validation.”
Brokers need a model which will bring all the sources of data they possess together, she said, and which will be able to validate their claim or at least adjust their thinking. The right model will guide both brokers and their clients, she said, and will continue to develop over time.
Vohlers outlined how despite the vague terminology often used when it comes to cyber, it is not a scary sector and she would like to see the rest of world embrace the opportunities offered by science and technology. She has been pleased throughout her career to date, she said, to see a growing appreciation for the science behind cyber in the insurance sector and believes this is driven by a growing understanding of the full implications of a major cyber risk incident.