How cyber insurers are boosting their value proposition

Insurance companies are being forced to differentiate themselves in what is an increasingly competitive space

How cyber insurers are boosting their value proposition


By Joe Rosengarten

Although high profile hacking incidents have garnered lots of media and public attention, the reality is that cyberattacks like WannaCry and Petya only represent a small tip of a massive iceberg. Companies of all sizes in every industry are being targeted and insurers in the cyber space have been forced to rethink their approach in order to keep up. Providing a cyber policy is, simply, no longer good enough.

As hackers devise more sophisticated methods, cyberattacks become increasingly damaging. Business interruption costs are growing and the role of IT forensic firms and breach coaches are becoming even more crucial. Conscientious insurance companies are playing an important role in ensuring their clients get access to the right resolution services at the right time.

“Insurance companies are doing more than just providing reimbursement, they are becoming key to issue resolution,” says Jeremy Barnett, senior vice president of marketing at NAS Insurance. “Oftentimes, brokers are selling the insurance policy not so much on the benefits of the insurance coverage, but on the benefit of getting access to experts who know how to resolve the problems.”

Providing access to these resolution-focused service providers at a discounted rate is an effective way for insurance companies to differentiate themselves in what is an increasingly competitive space. More carriers are seeing the opportunities on offer in cyber and, as a result, expert players in the space are being forced to change.

“Evolving to be more ‘full service’ is also a way for insurance companies to control the costs of a cyberattack,” says Barnett. “Attacks vary so much and understanding how to resolve each incident takes a high level of expertise. Insurers want to know their money is going to something that is actually going to help, so they are vetting the companies who handle IT forensics and legal breach coaching.”

There is no real blueprint for insurers to follow when vetting service providers; it generally comes down to developing relationships and building partnerships.

“Although we do partner with companies we meet through the industry - either through referrals or at conferences - it’s not until you are engaged in working with a client that you can evaluate who is good at handling certain types of cases,” Barnett says. “There may be one firm who is great at working with healthcare and another who is great at retail – it takes time and experience. We’ve handled 1,000 claims a year for the past seven years so have gotten hands-on with a lot of different service providers.”

Related stories:
Cyber insurance start-up outlines its “hacker’s point of view” when assessing risk
Is your company’s data safe from a rogue employee?

Keep up with the latest news and events

Join our mailing list, it’s free!