What does cyber insurance look like in the future? | Insurance Business America
Hack attacks are a constant threat to companies today, with reports of stolen client data appearing in headlines weekly, if not daily. Recent instances of cybercrime revealed tech behemoths Uber and Expedia-owned Orbitz as targets.
Insurers are rushing to enhance cyber policies with innovative add-ons as every business with a digital presence looks for ways to implement cyber security measures.
It’s an exciting time to be in cyber insurance, according to one of Insurance Business America’s top specialist brokers of 2018.
“I think that presently I find the most satisfaction in carving out solutions in emerging markets like cyber liability,” said Richard Fernandez (pictured), executive vice president – professional lines at AmWINS Brokerage of Georgia.
“Property, workers’ comp, D&O have been around for a long time and there is only so much innovation that can occur at this time. The cyber side is so fresh and new, and companies are nervous about risks they do not understand very well. We can add a great deal of value.”
The history of cyber insurance goes back 20 years, if not more, Fernandez told Insurance Business America, though the market in its current form is a by-product of the past 10 years.
“That being said, even in the last decade, there have been dramatic changes in the cyber marketplace,” he said. “Earlier iterations of cyber policies focused more on third party indemnity coverage and defense. As it continued to evolve, markets began adding first party coverage for notification, credit monitoring, identity restoration, crisis management, and public relations.
“In the beginning, these first party coverages were sub-limited and now, the vast majority of markets will provide full limits on their forms. Regulatory fines and penalties, PCI fines and penalties, cyber extortion and first party business interruption followed soon after. Over the past few years, system failure coverage, social engineering, dependent business interruption and property damage to hardware and devices have been added. Typically, 12 months have not gone by without some sort of advancement in the scope of cyber coverage. It is truly amazing to watch the explosion of this product.”
Digitization has allowed companies to make life easier for their customers through increased automation and more options to do business online. Yet that in turn has made companies more susceptible to cyber-related attacks, said Fernandez.
“Unfortunately, the only way to avoid this rising peril is to go back to doing business the way it was done 20 to 30 years ago and that is not an option. The speed of execution and the reach afforded to companies in the digital age is too compelling even if it presents a whole new set of challenges. They have to meet their customers where they spend time and that is on the internet,” he explained.
As an expert in this field, Fernandez has a few predictions for how cyber insurance will evolve in the coming years as hackers become more sophisticated.
“Right now cyber is compartmentalized across operating units (financial lines, property, casualty, crime),” he said. “For example, theft of monies stemming from a cyber infiltration is typically covered under a crime policy. Theft of data is covered under a cyber policy, and a cyberattack that causes damage to plant and equipment would arguably be covered under a property policy. At some point, to avoid gaps in coverage, all perils will become married under one all-risk cyber form.”