“My entire career is in cyber underwriting, so it’s my comfort zone where I can bring a breadth of product knowledge,” said Stephens. “So much has changed in the cyber marketplace over the last decade and I’m excited to continue growing in this dynamic space.”
After joining AGCS in September 2020 as regional product leader for financial lines in the northeast region, Stephens has played a vital role in developing the organization’s cyber underwriting strategy and building out capabilities for distribution partners and clients.
“Over the last 18 months, we have refreshed the practice and exceeded our targets beyond our expectations,” she said.
Stephens is looking to continue taking AGCS’s progress to the next level and will keep pushing the team to further enhance the practice.
“We have a younger team,” Stephens added. “Part of the reason I was brought on in the first place was to aide with underwriting training and teach them how to take a deep dive analysis into risk.”
In a space with large enterprise clients, comprehensive training and expertise is vital as underwriting strategies for cyber are not cookie cutter – there are so many nuances to work through with major accounts.
“The threat landscape for cyber is not static,” she emphasized. “[In contrast], there are other lines of business that have readily quantifiable actuarial data, like life insurance or workers’ comp, where you can see what claims looks like and assess what the exposures are.”
Technology is evolving so quickly, and cyber products are trying to keep up at the same pace. The way data operates and is shared has taken on a life of its own, and staying up to date with the threat landscape has become an art form.
“When I first started underwriting, social engineering and ransomware were not a major concern because they weren’t as prevalent,” Stephens continued. “It’s a completely different environment now.
“There are so many types of coverage available now, but no-one is appropriately charging for them.”
With cyber threats front and center, making headline news, insurers are now paying much more attention to pricing. To establish some rate adequacy, Tresa is working to develop a framework at AGCS to implement certifications in the cybersecurity space, which are more focused on risk management.
“We’re not expecting any of the underwriters to necessarily become software coders, but there are some designations that we are going to strongly encourage underwriters to have, to provide more knowledge of cyber security risk management,” she said.
Stephens noted that it is also important to get input from senior cyber leadership and carriers to set realistic expectations of what it means to participate in this space, what the advantages are, and what the disadvantages are.
“We all have underwriting guidelines, depending on the carrier, for different classes of business,” Stephens noted. “A lot of research has to be done to determine the risk tolerance of your own portfolio and create better relationships with clients.”