Despite UCLA cyber attack, agents struggle to sell cyber

Despite UCLA cyber attack, agents struggle to sell cyber | Insurance Business

Despite UCLA cyber attack, agents struggle to sell cyber
The news that 4.5 million subscribers with UCLA health had their data compromised hit the corporate and regulatory world hard last month and precipitated a high-profile lawsuit against UCLA Health, UCLA Medical Sciences and University of California Board of Regents in the Los Angeles County Superior Court, while spurring individual company leaders to reconsider their risk management strategies.

And while many C-suite executives have expressed interest in insurance options to mitigate potential fallout from a similar attack, independent insurance agents report that cyber liability insurance is still a difficult sell.

John Tiene, who represents thousands of agents in the Northeastern US as CEO of Agency Network Exchange (ANE), says small business are especially hesitant to purchase the important policy.

“The demand [for cyber] is increasing, but not at a rate we think is quick enough,” Tiene told Insurance Business America. “Small businesses are still very reluctant to sign up for the coverage and that really concerns us because some 30% of breaches occur in these small companies with fewer than 250 employees.”

The reason is not pricing, which is currently experiencing downward pressure among low-risk classes. It is an education gap; because small businesses do not recognize their own exposure, many feel cyber insurance is a superfluous purchase.

That should represent a clear call to agents, Tiene says.

“Our job is really to educate the business owner as to the variety of exposures they are presented with and help them understand how the coverage can protect them,” he said.

Carriers with superior products help in this effort by offering education to both agents and business owners alongside their policies. Tiene says it is currently the larger carriers that offer these services, along with more sophisticated products that can be specialized for larger clients.

Most important is ensuring agents are sufficiently comfortable with the cyber product to discuss it with clients. Going forward, failure to discuss cyber protection could be a major E&O exposure for independents.

“This should now be a standard conversation with clients because every client has the exposure at some level. A breach may only cost a client $10,000 to $30,000, but for a small business client, that is a lot of money,” said Tiene. “They may turn to the agent and say, ‘Why didn’t you talk to me about this?’

“This is a coverage need of the 21st century."