May 23, 2019 by Jason Contant
While online quote and bind systems have historically been cumbersome, one specialist insurer will soon offer a cyber insurance platform with single-question quoting capabilities.
Using a single piece of client data, brokers will be able generate a cyber insurance quote tailored to their client’s unique risk profile, as well as coverage variations most commonly requested by similar businesses, CFC Underwriting said Wednesday.
“What we’re doing is we’re taking the one question – which is their domain name, their web address, their URL – and we are using that information to instantly digitally footprint the organization,” Graeme Newman, CFC’s chief innovation officer, told Canadian Underwriter in an interview.
From that information, the insurer can easily get the company’s trading name and address, an estimate of employees and revenue, and find out what the business does. “But we can also find out what email systems they use, we can see the security they apply to their email, we can look at what domain names they have and where they host their websites,” Newman said. “We can look at the security that applies to those websites; we can see vulnerabilities.”
The insurer can see how many devices are connected to the Internet and whether any of those devices have known vulnerabilities. “We can even see how many credentials their employees have had compromised and published on the dark web,” Newman noted.
“We can get this huge volume of data, all within a short space of time based on just one piece of information,” he said. “Why are we asking clients for the information that we can get ourselves, which is a big problem within the insurance industry – full stop. And let’s make everybody’s lives easier and find out that information behind the scenes and use that rather than ask people to fill in old fashioned application forms.”
Available on June 1, the new platform also provides self-service options. It allows brokers to adjust quotes – including limits and deductibles – and bind with a single click. Brokers can further use the platform to get quote variations, use it for mid-term adjustments for policies in place, and to look at the history of claims against a policy.
By looking at their clients’ size, industry and location, CFC also supplies data back to the broker, so they can inform their client on questions such as what limits to buy. These benchmarks give clients visibility into the most common limits purchased, and the most common claims made, by their peers.
Looking forward, Newman said CFC is looking at putting instant chat and messaging into the platform, and offering customizable options. “We want to make that totally customizable so every broker can set what they want in their default options, just to give it that extra level of customization.” For example, if a broker wants to add endorsements to a policy or give every client five options, that information can be pre-populated in the platform.
“The idea is to get the pilot out and see how brokers use the platform to see what they want and continue to develop and build it.”
Your article –
Which reports CFC using a domain address to gather client security data is very largely flawed in principal. This is because over 80% of companies now use hosted domains such as Amazon AWS or Microsoft Azure or many others to host their domains – therefore any metrics gathered from such domain names will the metrics of the hosting company (Amazon) and not the company who’s name is hosted – this giving any insurer a VERY distorted and incorrect picture of the security metrics of the company.
The article has brought a lot of disbelief from the actual security industry. Better that these MGA’s stick with facts and research rather than wishful thinking. We hope the insurer behind them does better research.
Cyber Indemnity Solutions Pty Ltd,
Australia No:- + 61 3 9717 9927
Melbourne :- Level 3, 257 Collins St, Melbourne, Victoria, 3000