The number one reason producers can't sell cyber by Brent Harrison

01/11/2014 06:06

Considering many businesses are not even aware when they have been a victim of a cyber-attack, it comes as little surprise the biggest challenge to selling these policies is consumer education.

A new survey of insurance professionals found that 40% of carriers offering cyber insurance say businesses do not think they need the coverages and an additional 29% were under the impression they are covered under their existing policies.

On the other hand, approximately 10% believed the biggest challenge was that premiums were too high.

Conducted by Hanover Research and sponsored by Verisk’s ISO, the survey could not be more relevant considering the blistering pace of cyber policies being sold in the commercial market.

“Even though data breaches are in the news every week, many companies still don’t recognize that cyber-attacks are serious, and that the costs associated with responding to one can be significant and generally not covered under current commercial insurance policies,” said Shawn Dougherty, assistant vice president of Specialty Commercial Lines at ISO. “That’s why insurers and brokers are working hard to educate businesses and make it easy for them to add cyber coverage to their existing insurance portfolio.”

Here are some of the other findings from the Hanover Research survey:

  • No dedicated staff: 51 percent have no dedicated cyber insurance underwriters and rely on staff from other lines to sell cyber policies.
  • Optional endorsements popular: 92 percent offer optional cyber endorsements to existing insurance policies.
  • Risk profile and approach most important in underwriting: Almost half consider the nature of the company’s data and its enterprise risk management philosophy to be more important when underwriting cyber risk than whether a company employs security tests and audits, firewalls, and encryption.
  • Cyber extortion coverage less common: Only 18 percent offer coverage for cyber extortion, while 79 percent offer coverage for data breach expenses.  Hospitals considered less hazardous to insure: More than 70 percent say credit card payment processors, banks and financial services, and national retail chains are the most hazardous to insure, while only 14 percent say hospitals and healthcare systems are the most hazardous.