Allianz Global Corporate & Specialty (AGCS) recently announced the appointment of Thomas Kang (pictured) as head of cyber in North America, effective June 15, 2020. Kang is a recognized leader in the cyber insurance industry after developing his expertise during successful stints with ACE Group, The Hartford, and most recently at Willis Towers Watson, where he served as global cyber product leader from 2018.
Kang’s appointment as head of cyber in North America for AGCS will come as music to many insurance brokers’ ears. At Willis Towers Watson, he experienced first-hand – and on a global scale - the pain points that brokers and commercial clients sometimes experience when navigating the cyber insurance markets. The most consistent piece of feedback he had was that there’s too much inconsistency in the approach, the available coverage, and the policy language between the different markets. As such, one of Kang’s key initiatives at Willis Towers Watson was to simplify and streamline cyber insurance contracts in order to give brokers a more client-focused and client-friendly product to sell.
“I’ve seen a lot of frustration from clients and distribution partners related to inconsistent policy language and coverage across the cyber insurance marketplace. I think that inconsistency, in many ways, is a by-product of a marketplace that is really trying to innovate and evolve quickly,” Kang told Insurance Business. “At Willis Towers Watson, I would read through 35 different cyber insurance contracts from 35 different markets, and the vocabulary, the approach and the coverage triggers were all different in each contract. For brokers and end-clients, part of the challenge is getting through the policy language and the industry jargon. Oftentimes, it’s not clear what the language means when you first go through the insurance contract.
“One thing I think the industry can do better as a whole – and this is something we’ll look to evaluate and chart a path for at AGCS – is the delivery of client-focused cyber solutions. We want to be client-focused, broker-focused, and really deliver insurance contracts and solutions that are concise, clear, and hopefully add a lot of value to our customers. At AGCS, we have moved away from some of the industry jargon that’s taken root in the cyber insurance space and use common-sense language so that, regardless of what the other markets are doing, our clients will be able to look at our policy contract and clearly understand what’s being covered and what’s not.”
An updated cyber offering has been sold in the US and Canada since the start of 2020, incorporating more coverage flexibility in order to provide tailored insurance solutions for clients based on industry class and unique exposures rather than a one-size-fits-all approach. Kang said it’s vital that AGCS takes a simpler approach to coverage innovation than the industry as a whole has taken in prior years. Again, this ties into Allianz’s goal to deliver uniform, consistent and client-focused solutions across the globe.
“Another key focus of mine will be around developing and offering effective cyber risk control services, especially to our non-enterprise clients,” said Kang. “We are and will continue to work with cybersecurity leaders in this space to bring solutions that are going to be compelling and will help our clients get better in protecting their most critical assets. But we’ll also need to take a closer look at how we can provide the right incentives, especially for our SME clients, to adopt appropriate risk control measures. It’s too early for me to say exactly what those measures are going to be, and what incentives need to be in place, but there has been some industry-wide movement over the last couple of years in looking to be more creative and providing the right incentives for SME clients to adopt some of these controls.
“Incident response and recovery are also becoming more critical because protection and mitigation are simply not enough. At AGCS, we already have the standard offerings that are table stakes today, but we want to move forward. One of the key things I’d like to do is to really connect the dots between incident response, mitigation and proactive services, so if a client does have a claim or a cyber-incident, we can respond in a targeted and proactive manner. At that point, the client is going to be more sensitive to their needs around cybersecurity and potentially more willing to invest and work with carriers to put the right controls in place so that they’re not subject to those same attacks again. That critical point where clients have just experienced a claim or an incident is where we want to be able to really add value by bringing targeted risk control service to their attention.”