According to Rachel Bush (pictured), Nationwide’s associate vice president of technology risk management, insurance professionals need to ramp up the types of coverage and preventative knowledge they have access to.
“Cyber needs to be a part of the standard risks an agent talks about,” she said. “Traditionally, insurers probably spend more time talking about risks that seem more physical and tangible, such as property loss, homeowners’ and auto insurance, as well as commercial offerings.”
Bush pointed to how consumers of personal or commercial lines that have umbrella policies may not be aware of the looming threat of cyber until they receive some degree of consultation about the benefits of extended coverage.
“We should coach and provide context with individuals about the potential losses that they face from things like fraud and identity theft right away,” she added.
In an interview with Insurance Business, the AVP revealed the threats that need to be top of mind for insureds.
She also spoke about how consumers’ growing awareness of cyber-related losses can give insurance professionals better opportunities to address this concern and what risk prevention steps are integral to facilitate better cyber hygiene.
According to a recent study by Nationwide, 55% of those surveyed were worried about a perceived rise in cyberattacks.
From an SME perspective, Bush highlighted how falling victim to a compromised email and having a fraudster gain access to a wealth of classified information can be detrimental.
“A lot of times, they can be sophisticated in how they operate, silently lurking inside that email while also interacting with others that they can see history of you corresponding with legitimately in the past,” she noted.
Ransomware also continues to be a big concern for businesses of all sizes.
“Ransomware is not an early stage of an attack,” the AVP said.
“It happens when an attack has transpired over time into something that’s significant - by the time you become aware, they probably have also already stolen your data and done some other things within your network.”
Additionally, the looming threat of third-party supply chain vulnerabilities is something growing more urgent since threat actors can take advantage of a greater pool of confidential information.
“Companies are ever dependent on each other to be able to provide a complete set of services, which means the impact that one company can experience from another company’s incident is very real,” Bush said.
On the personal lines side, identity theft and account takeovers are proving to be pretty consistent concerns for insurance professionals.
Elsewhere in the study, eight out of 10 respondents were worried about how the widespread adoption of AI could result in more loss events, while another six in 10 were concerned about a potential cyberattack affecting them.
“It’s hard to find somebody who hasn’t known or experienced a cyber event, whether that is a Facebook hacking or receiving a notification from a bank about someone trying to log into their account,” Bush said.
“Those things are very tangible ways to connect with people to let them know that there is a risk and that there are protections and coverages that can be purchased to help them work through situations like that.”
Bush specifically pointed to the growing pool of influencer talent and individuals who commodify their online presence as being prime targets for threat actors.
“Having their social media account taken over can impact their livelihoods because it is not just used for recreational purposes.”
The top threats that consumers were most aware about included: phishing (46%), malware (45%) and cyber bullying (44%).
More than ever, Bush noted how there are various options for either individual or business coverage that can help bring peace of mind in the event of a loss occurring.
“For personal lines, it can be a very economical product,” she said.
“Commercial customers will find a lot of variability in the cost depending on the amount of coverage they need, which will be driven by the size of their business and how much they deal with personally identifiable information.”
This creates a sense of affordability and flexibility, something that will help make cyber coverage seem to be an obvious choice, especially since 15% of respondents said they have a cyber product, which is down one point from 2022.
Within the Nationwide study, a third of the participants felt that they were properly prepared for such an occurrence, while only 53% knew what to do when they recognized an attack.
This provides an opportunity for an agent to learn more about a client’s specific concerns and be able to use their resources and advisory skills to build up cyber hygiene as more of a lifestyle choice.
“I think the beauty of having coverage in place is that it makes it easy for you to get resources to help you recover,” Bush said.
With an agent’s insight, there are certain steps an individual or business should take to try and stay ahead of a hacker.
“I think exercising good password hygiene is paramount, like not reusing the same password for every account. A client can even use a password manager to help them create more secure profiles,” Bush said.
Enabling multifactor authentication is also crucial, which is something most insurers are recommending their customers to get on board with because of how it can thwart malicious intent.
“Microsoft and Google both have authenticator apps that can be very useful,” Bush added.
Additionally, VPNs can be very handy, especially for remote workers who may handle sensitive information and not have a secure enough connection at a coffee shop.
“I think as time passes and we continue to see a sustained uptick in cyber and fraud related activity, it will start to become more a part of the kind of human vernacular around the risk and will drive more interest,” Bush said.
“We need to be at the forefront of that change.”