In the area of cyber risk, most companies focus on transfer of risk while neglecting loss prevention. To address this oversight, ACE will now quote loss mitigation services for every new prospect and make them available for every existing cyber policyholder.
PRODUCT: Loss Mitigation Services
COMPANY: ACE Group
BEST RATING: A++
AVAILABILITY: Coverage is available through agents and brokers for clients that hold ACE Privacy Protection and ACE DigiTech policies.
FOCUS: Holistic risk management includes prevention of loss. But in the emerging area of cyber risk, most companies focus on transfer of risk while neglecting loss prevention, according to ACE. And the losses are growing: Average cost of a data breach was $3.5 million in 2014, up 15% from 2013, according to the Ponemon Institute. Even big organizations can’t keep the hackers at bay: organizations from the U.S. Postal Service to Target to J.P. Morgan Chase & Co. have experienced high-profile data breaches in the last year.
“We realized from the risk management community that they didn’t have a real avenue for loss mitigation,” says Matt Prevost, vice president and cyber product line manager for ACE. “The cyber marketplace seemed to not to have embraced services that are necessary prior to the breach.”
As a result, ACE will quote its loss mitigation services for every new prospect, making its services available for every existing cyber policyholder. “It makes it easy for you as the agent to engage with prevention, versus engaging with just risk transfer,” Prevost explains. “A lot of the feedback we’re getting is that agents are making the insureds aware of the risk, but they’re not technology experts. What we’ve tried to do is associate that process with the insurance proposal.”
The purpose of the new offering is to prevent the event instead of just transferring the risk. Taking a “menu approach,” the product is streamlined to help clients manage risk internally. “The insurance decision maker is not always the technology decision-maker,” Prevost says. “These services are going to bridge the gap between those two departments, which is one of the biggest problems we see.”
UNDERWRITING: ACE Group’s loss mitigation services are a distinct offering from its cyber risk insurance policies, but are available in conjunction with those policies. Since claims experience suggested proactive risk management could mitigate cyber claims, ACE will provide every cyber customer with loss mitigation services, regardless of size. Three tiers of services are all provided by a third-party risk management vendor:
ACE Complimentary: Access to whitepapers, self-assessment tools and best-practice guide.
ACE Essential: Expertise and guidance in six cyber risk arenas: security awareness, cyber readiness, vendor management, breach preparation, regulatory compliance and information governance. Policyholders enjoy access to a negotiated rate of $3,000 per service.
ACE Comprehensive: Essential services, plus higher-level services available at policyholder’s expense.
Commissions are not paid on service offerings and agents are not involved in any contract negotiations with vendors, which are not providers of insurance services and not affiliated with ACE.
MINIMUM PREMIUM: None. The offering is available to all potential policyholders who are receiving quotes from ACE USA.
TARGET: All industry segments.
COVERAGE TERRITORY: All states.
CONTACT: Matt Prevost, vice president, cyber product line manager; ACE Group, 436 Walnut Street, Philadelphia, PA 19106; 215-640-1859.
Amy Skidmore is an IA contributor.
