Cyber policy encryption needs to be industry standard – CFC | Insurance Business America
CFC recently launched an encryption service for its cyber insurance policies, the first of its kind within the industry, but the MGA does not want to hold onto a monopoly.
Rather than revel in the novel qualities of the encryption service, CFC cyber development leader Lindsey Nelson (pictured) and her team are hoping that this development will resonate with other insurance organizations and compel them to follow suit.
“You know, we don’t want to own this space and be the only market who’s offering this to clients,” Nelson told Insurance Business.
“We fully believe that every single person who offers a cyber policy should be doing so in an encrypted format.”
CFC encrypted cyber policy – taking proactive measures
The initiative has benefits for all parties involved except for potential malicious actors, according to Nelson.
“The primary focus is to ensure that policy documents don’t fall into the wrong hands, specifically that of threat actors,” she said.
While incidents of cyber hackers testing the extortion limits of a policy remain low, especially during ransomware attacks, this encryption service was put in place to mitigate any threat of data pillaging.
“We made the decision quite some time ago that we need to provide our customers with an additional layer of protection for peace of mind,” Nelson said. “We offer comprehensive information on how a client can receive their policy documentation and also provide them with guidance on how to store it in a secure way.”
Policyholders are given a decryption key for their documents through an app that allows for two-way communication with CFC’s security team. It also gives the team access to warn clients about any threat intelligence alerts or vulnerabilities.
Furthermore, brokers can now offer an “additional speaking point to clients about the credibility of where they place their business from a cyber perspective, as there’s a lot of unknowns and hesitations about what cyber insurance is,” Nelson said.
Clients have been responding enthusiastically to this safeguarding measure, which was first tested in the UK market and is now available worldwide, Nelson said.
𝘿𝙄𝘿 𝙔𝙊𝙐 𝙆𝙉𝙊𝙒… Cyber is one of the biggest risks facing businesses today💻CFC's cyber insurance policy works to help identify and prevent cyberattacks for policyholders by using their own inhouse 24/7 cyber incident response team.— British Insurance Brokers' Association (@BIBAbroker) February 22, 2023
READ MORE https://t.co/fYqEjcuwyQ pic.twitter.com/rdNevnmeZW
Avoiding roadblocks to further cyber insurance take up
The team did not want to create further obstacles to cyber insurance purchasers and their brokers, and this was a key area of focus during development.
“Developing the feature didn’t come with many hiccups, thankfully. Instead, we were more concerned with making sure that the user experience worked best for our broker partners” Nelson said. “We didn’t want to add roadblocks to obtaining cyber insurance quotes, and certainly not their policy documentation, which is quite key for them.”
To test out this product before launching to market, CFC reached out to specific partners to examine its ease of use. “We looked to our volume heavy broker partners to trial this experience first,” Nelson revealed. “There was an emphasis on making sure that it didn’t impede on their day from an administrative perspective, while also not adding any unnecessary work.”
The growth of CFC’s cyber securities division
The cyber securities division of CFC has been growing organically throughout the past few years and is now the largest of its kind within the industry.
While the team initially started as a response unit towards cyber threat incidents, it has since grown to include risk management.
“They’re all technical professionals with backgrounds in cyber crime, with some having previous experience working in police units on their cyber crime divisions” Nelson said.
“We have been able to create a specialist team within the security division thanks to this encryption initiative, where they can identify certain threats and vulnerabilities to help provide more market sustainability.”
Do you think this is the future of cyber insurance security? Sound off in the comment section below.