The cyber insurance landscape has transformed beyond recognition over the past few years. Insureds looking to renew their policies will feel blindsided by new and volatile requirements, inflated premiums, and unpredictable, fast-paced trends. Whilst the most common concerns for carriers right now include ransomware, systemic risk, and payroll risks, the marketplace is prone to change at the flick of a switch. This article will unpack some of the key challenges in brokering cyber liability policies today.
Time is truly of the essence
Insureds trying to renew their policies now and for the foreseeable future are in a severe time crunch: changing carrier requirements and limited extensions have meant that insureds must race to implement new controls in order to qualify for a policy. The result is that insureds will purchase whatever they can get until such time as they can get those permanent controls into place. Meanwhile, some controls simply cannot be executed at the drop of a hat: implementing MFA (Multi-Factor Authentication), for example, can be substantially more complicated on some platforms or applications, especially if the insureds use archaic systems.
Brokers should therefore be getting their clients to implement as many controls as possible well in advance of quoting, as this will ultimately make them a more attractive risk and lead to a more straightforward renewal process. Where some controls are harder to put in place, brokers should be encouraging their clients to achieve partial implementation and to secure terms under the caveat that the insureds will be able to move forward to greater cyber hygiene in the near future. This will enable them to get the best possible terms for their clients for the time being.
30 days is almost never enough time to ensure risks are identified and mitigated in time for renewal – we recommend revisiting the issue six months into the original policy. Within that time, brokers should be aiming to make a complete submission, including the ransomware supplemental.
The ever-changing cyber risk is head-spinning
Obtaining an understanding of a client’s exposures as a snapshot in time is almost impossible for brokers, given the constantly evolving nature of the cyber risk. For this very reason, continuous underwriting, which some carriers have advocated for with other insurance products, is simply not feasible for the cyber liability policy. Simply put, cyber brokers, many of whom are already operating at full capacity, cannot constantly reassess and remarket their accounts according to regularly adjusting policy terms, pricing, and real-time policyholder data. Moreover, allowing a carrier to sit inside a company’s network and to monitor its systems in real time goes against the very DNA of cyber hygiene – granting network access to third parties carries with it inherent risks and potential liability.
Brokers should, instead, be encouraging their clients to adopt continuous monitoring – but not for the purposes of re-underwriting and remarketing the account. Rather, it should be a mechanism for insureds to detect and resolve issues quickly, thereby supporting the end policyholder in keeping secure. It will also enable a faster renewal process when the policy term comes to an end. The fact is, continuous monitoring is a win-win for all parties involved: the insureds reduce the risk of an attack; insurers reduce the risk of financial fallout; brokers reduce their workload and time spent on preparing clients for policy-readiness.
Client expectations are at loggerheads with market realities
In a hardening market, it is becoming increasingly difficult to set realistic expectations, particularly when it comes to rising premiums and carrier requirements. Whilst many brokers fear that frank communication about the market’s volatility will scare their clients into the comforting arms of another, less honest, broker, it is still very important to set realistic expectations for insureds.
How can this be achieved?
Firstly, brokers can press for thorough screening early on in the renewal process to inform both parties of the steps needed to progress. Detailed questionnaires, which incisively target the biggest issues in the marketplace and those anticipated in the near future, should be completed well in advance.
Secondly, carriers should be adopting clearer communication on their requirements and expectations. They must be issuing guidelines to enable brokers to better determine the right market fit for the policies out there. This will save time and money on unnecessary paperwork for all corners of the cyber insurance industry.
Communication needs improving
In a hardening market where attacks are on the up, brokers should be making sure they have good working relationships with their clients’ IT departments. Many brokers will discover that what carriers consider to be a priority is not always what IT wants or, indeed, is able to do with their limited budgets and resources. For that reason, brokers should be pulling IT into meetings and decision-making as much as possible.
Until the cyber liability policy reaches full product maturity, brokers can expect to take an active role in their clients’ cyber hygiene. Not only are products and services harder to get right now, but many insureds are not onboarded properly once they obtain a policy. This is where brokers can stand out from their competition, by making sure their clients understand what their policy can achieve for them. Rather than just listing services on a piece of paper in black and white, brokers can lift a policy off the page.
This is especially crucial in the event of an attack. When a client suffers a cyber incident, they are often placed in a tremendously unfamiliar situation and will turn to their brokers for guidance on reporting, next steps and expectations. Brokers will, in turn, need to move quickly, acting as the grease between the gears and ensuring that the client benefits in full from the policy they have forked out for. For this reason, brokers need to understand the policy better than the insured – armed with this information, brokers can advocate for their clients and provide clarity on the resources and funds which can be recovered.