After 15 years serving the cyber insurance market, Brian Warszona, UK cyber deputy practice leader at Marsh has come to see that his role is more that of an educator and translator than a broker. Cyber risk is still a relatively new area for a lot of organisations to understand and navigate, he said, particularly for risk managers. So, if he can help clients and brokers translate the shifts and evolutions occurring in the market then it makes their lives a lot easier.
“I think we’re at a turning point with cyber,” he said, “because we’re starting to understand where the claims are coming from. But one thing we talk about with insurers is that they have different appetites. When you have different appetites within industry sectors, you have different types of claims that lead to different types of vulnerabilities showing up in those claims. If you look at an insurer that writes manufacturing versus an insurer that primarily writes retail, there are different types of things that they are looking at and the claims that come in are different too.
“They look at their claims and vulnerabilities in different ways, which creates a lot of additional supplementals that our clients have to fill out - for biometrics, operational technology, industrial control systems, ransomware - and so it becomes very cumbersome for the risk manager to try and understand where they’re supposed to go to answer these different questions. Is it legal? Is it IT? Is it a specific team within IT? Does it have to go to the board for sign-off? What is needed for NDAs?”
To offset this, Warszona noted that Marsh has dedicated itself to making sure that all the thought leadership pieces and industry information it disseminates across the marketplace are accessible and easily digestible. Whether that’s articles or webinars or industry updates, this content aims to educate every reader – including risk managers, IT professionals and board members.
This focus on accessibility goes beyond the sales and marketing side of the equation and includes how the firm collects information. Marsh works with insurers to try and incorporate the right questions into a self-assessment, in a bid to prevent clients from being inundated with demands for extra information.
As part of his role, Warszona works closely with clients and brokers to help them understand how to message the current market while keeping an eye on the future. From his industry relationships and the reception to Marsh’s advisory work across the cyber market, he has seen the changing faces behind ongoing cyber risk conversations.
“I think the board is getting involved in a lot of cases, especially with new buyers still trying to look at purchasing it,” he said. “From those that have already purchased it, they’ve gone through that board discussion and whether they were going to have that type of expenditure, which can be seven or eight figures in some cases with the large FTSE 100s. I would say the IT and risk managers are more or less acting separate from the C-Suite, but at the direction of the C-Suite.
“It’s not like we’re often seeing the board join up with IT and with risk management, but there is a connection between all three in different circles. In the past, you would see them as separate stakeholders within the company, each with different agendas and ways of approaching the risk, and different ways of protecting themselves and the company.”
Risk managers are looking at everything from the perspective of how they can protect the business from a risk transfer standpoint, he said, while IT is protecting itself from an IT standpoint. However, COVID has only complicated matters from a financial viewpoint as the decreases in revenues around the world have seen budgets drop.
Firms are, therefore, facing a perfect storm of rising cyber risk meeting rising cyber insurance costs meeting decreasing risk budgets. Warszona highlighted that in recent months, as he and his team have seen the market change, they have dedicated themselves to building a powerful overview of the entire market through industry conversations that allow them to pinpoint exactly where they can provide support to their clients and partners.
On the flip side of the challenges facing insureds when it comes to cyber coverage, he noted that there is now increased recognition of the value of intangible assets among many businesses. From discussion with clients, it has become clear that there is a new understanding that something has to be done about cyber risk, he said.
“It’s not the mentality that was taken on about two years ago,” he said. “That’s not to say they weren’t doing things then but there wasn’t this big push because the expenditure on cyber insurance itself was not at the rate we’re seeing it now with some increases going above a 100% increase. There’s a heightened view from either the treasurer, the CFO, the financial director – whoever it might be – and then it gets attention.”
Warszona and his team are seeing IT now being more communicative with the risk management team, which improves visibility prior to the renewal period. However, he noted that a lot of the conversations he is having now are actually post-renewal as well and centre around what can be done for the next renewal, and how clients can not only have a better renewal period for their cyber insurance but also improve their cyber security.
“It’s great to hear that organisations are taking a proactive approach, not just saying, ‘OK, three months before the renewal, we get the submission, go out to markets, then we close the deal, and we’ll see you in nine months’. This is now year-round, quarter by quarter catch-ups, sometimes even month by month, to talk about what they could do differently, how we can advise them. That’s really where some of the tools and resources that we’re [focusing on] within our organisation are centred - we want to make them a better company versus just making them better insured.”