Canadian Underwriter

Talking to clients about the importance of cyber security and coverage

November 30, 2021   by Brooke Smith

Print this page Share

All lines of insurance have challenges, but lately cyber’s been bringing brokers ever-changing complexities.

“It’s really the new problem child in the insurance world,” said Kevin Neiles, president, western Canada & chief markets officer, with Gallagher, at a November Gallagher Talks webinar. “A rapidly increasing number of cyber liability incidences are causing a very cautious approach by insurers in this class.”

No wonder. Ransomware demands are becoming significantly larger. According to a recent Trend Micro study, global ransomware activity rose 150% year over year in 2020, and average extortion amounts doubled.

Insurers are either putting lower limits on the coverage, Neiles said, or in some cases eliminating it all together.

He added some insurers are demanding companies have “proper loss-control measures” in place, including multi-factor authentication (MFA).

“Many insurers will not even consider coverage if MFA isn’t in place,” he said.

Beazley Canada requires its client companies have MFA for remote and cloud email access, said Rhea Turchinetz, underwriter, technology and cyber division.

“We also require them to have regular backups and to test their backups periodically for data integrity,” said Turchinetz, who added that while these requirements might not stop a breach, they can help make a potential situation not as “catastrophic as it could be.”

Brokers can help.

First, educate clients on the importance of implementing cyber security measures — and purchasing coverage. According to Munich Re’s 1st Global Cyber Risk and Insurance Survey, 35% of C-suite respondents are considering buying cyber insurance; but only 34% of them have contacted their insurers.

Discuss your client’s set-up by asking a few basic questions: Are your employees working remotely? Are they working in the office? Where is their email being accessed from? (In the cloud? On the network?)

Turchinetz said if employees work remotely, they need MFA and a VPN.

Second, stress the importance of training. “Ensure your client’s employees have cyber training to be able to detect phishing emails,” she said.

According to an FBI report, between February and April 2020, phishing was up 600%.

Third, brokers can get help from insurers and underwriters. Ask them for a list of questions or examples of why companies need cybersecurity, she said.

A final piece of advice? Turchinetz said brokers selling cyber insurance should be able to answer ‘yes’ if asked whether they have coverage for their own companies.

That’s a big selling point.”


Feature image by