June 10, 2021 by Adam Malik
Brokers and insurers need to change the way they speak to clients about cyber coverage and the types of products that are available, a cyber expert recently advised.
Selling full-suite, one-size-fits-all cyber policies that don’t actually fit a client’s profile should go by the wayside, Lindsey Nelson, cyber development leader at CFC Underwriting, said during a recent virtual summit. What a client really needs is for someone to sit down with them, understand their issues, and figure out their precise needs.
Conversations around cyber insurance need to change, Nelson said.
“[Avoiding] what’s not worked well in the past is perhaps the best place to start,” she said at CFC Summit 2021. “And what doesn’t work well is the blanket, one-size-fits-all solution of, ‘Let’s talk about privacy liability. Let’s sell [cyber] as a third-party policy. Let’s take a fortune 500 or FTSE company, and try to relate that to a small business and hope that they understand the merit [of cyber coverage for] their business.’”
In contrast, what works is providing examples that benchmark clients against their peers. What are similar companies experiencing when it comes to cyberattacks?
Also, Nelson suggests, try to explain cyber as a concept, as opposed to spelling out “numerous wording comparisons between five or six markets with really technical details.” Getting lost in the details, she says, misses the whole step of actually taking that step back and explaining what cyber insurance does for them.
Cyber insurance today is a proactive, self-driven policy, she continued. It’s supposed to give clients a set of tools to help them become better businesses from a security perspective. A policy gives them a team of enterprise-grade security experts in case the worst imaginable situation happens — something businesses can’t financially afford to happen.
“It really works for you from the very first day that you bind the policy,” Nelson said during the session, The Changing Face of Cybercrime. “That’s what small businesses are buying for today; I think changing the conversation that way has helped massively with market adoption in any territory that we deal in.”
If you don’t change the conversation to tailor the product to meet the client’s specific cyber needs, then clients might do something detrimental to their interests, like drop extortion coverage, for example. An alternative to dropping such coverage altogether may be to consider sublimits on that coverage, she notes.
“[It] works in the client’s best interest to allow their policy limit to be available for what ends up ultimately being the more expensive part of the ransomware claim — things like forensics, system damage costs, re-creation, and the business downtime,” she explained. “Providing the full limit on extortion actually erodes coverage available that clients will need. And certainly when you balance it with the net profits of what a company is actually able to pay, we want to make sure that conversation is a little bit more balanced with clients.”
Feature image by iStock.com/Jacob Ammentorp Lund