Cyber insurance may be a hot new product to brokers to sell, but has it been a hot new product for brokerages to buy?
The answer depends upon whom you ask.
Some describe brokers without cyber insurance as an example of the cobbler’s children without shoes: they will sell the product, but it might not see the value in purchasing it themselves. And this is not necessarily a bad thing, since brokerages are a business like any other; they have to assess their own capability of responding to the risk of a data breach.
“Brokers are no different than any other customer when it comes to writing a cheque,” said one broker, who was speaking under condition of anonymity because he was not authorized to speak on behalf of the brokerage. “They are going to sit down and analyze what they are prepared to pay for insurance.”
The broker said the decision to buy cyber insurance may depend in part on the size of the brokerage. In Ontario, approximately 60% to 70% of the brokerages write a premium volume of less than $15 million. The question for them is whether or not the amount of data they handle represents a risk that requires an insurance policy.
“Insurance is for a customer who has a risk they can’t handle themselves,” the broker said. “So if I am a mid-sized broker or a small broker in Ontario, am I overly concerned about my data being breached and how much it would cost me? If I had to go out and make that purchase and it’s going to cost me $2,000, I might, like any other insurance buyer, say: ‘I’ll keep my $2,000 and I will assume the risk myself.’ And that would make perfect sense.”
Many brokers see brokerages keeping pace with the general business population when it comes to buying cyber insurance. (continued.)