Servicing clients and their exposures is difficult enough. But throw in trying to keep up on the cyber evolving liability exposures and associated coverage forms, and it’s a complicated situation that may leave agents exposed themselves.
Here are five things to consider in designing the right cyber liability coverage for your clients:
1) Cybercrime complications. Cybercrime, such as phishing schemes and social engineering, is complicated. Insureds expect that if they have both a crime and a cyber policy, they should be covered. Unfortunately, this isn’t the case.
Some crime policies specifically state social engineering and cyber theft is included, while others may not. It’s important to design a crime policy that covers certain cybercrime exposures and complements the cyber policy.
2) Add-on cyber coverage. Cyber may be an added “throw-in” as part of a commercial general liability policy, business owners policy or professional liability policy, but in most cases, the insured will not have the coverage they need.
These policies may include low limits, sub-limits or even exclusions for cyber losses, which leave clients underinsured. Or, the policy may have aggregate limits shared among coverage grants, leaving the insured further exposed.
3) Business Interruption triggers. A strong cyber policy will include business interruption coverage to pick up the exclusion on a property policy for a network security event.
Most cyber policies will respond in the event of a security breach that causes network failure and loss of revenue. Recently, this has been expanded to include business interruption caused as a result of an insured’s system failure or network disruption, which is a much broader trigger.
The type and extent of business interruption coverage in a cyber policy becomes extremely important depending on the client’s industry. For example, a manufacturer would be greatly impacted if a supplier’s system failed, upending their ability to deliver.
4) Pre-breach resources. There is a big push to prevent claims with pre-breach resources, but how engaged are insureds in using these services?
It’s important not to sell solely based on what an insured can get for free, where the take-up rate for services has been traditionally low, particularly in the small to mid-size market. While we should offer risk management resources, add-on services shouldn’t be at the expense of the policy language itself.
5) Risk management terms and procedures. It’s important for agents and brokers to familiarize themselves with the terms and procedures to help prevent losses. This includes:
- Multi-factor authentication
- Checks and balances for wire transfers and invoicing
- Segregated, regular critical data backups
- Ongoing employee training
Cyber insurance solutions for diverse industries are available. But you need to know what to look for, when it’s important and for which industries.
Collaborating with a wholesale partner with broad market reach gives you access to the wide range of coverage, but also experts who specialize in handling cyber risk. With online platforms that make quoting cyber simple and fast, a wholesale partner may be the right path to providing cyber coverage for your clients.
By Steve Robinson, area president, technology & cyber, Risk Placement Services.