November 23, 2017 by Jason Contant, Online Editor
Given the “fairly fluid coverage situation” in the cyber insurance market, it’s imperative for brokers to educate themselves about the array of available cyber products to establish the right limits of cover for their clients.
“I think brokers struggle with the concept of who needs it, who will even think about buying it, and their own responsibility to make clients at least aware of the issues and options,” says Hugh Fardy, senior vice president of professional liability in Ontario with Arthur J. Gallagher Canada Limited. “There is also a fairly fluid coverage situation today, with markets amending their wordings and changing what and how cover is provided.”
Establishing the right limits of cover is often an issue for both brokers and clients, adds Fardy, especially concerning cyber insurance “as many do not have a strong understanding of exactly what the exposure is and what limit is needed to address that.”
Brokers may have yet to explore cyber coverage for their own firms; those that do may be making due with an extension to their office package. “That may or may not have the coverage and limits they really need,” says Fardy, thus offering a false sense of security.
Generally speaking, a dedicated standalone policy tends to have a broader cover and better limits. Bundled coverage, on the other hand — or in the case of E&O, an extension endorsement — often restricts the cover offer and usually comes with smaller limits. (Many cyber liability extension endorsements are limited to first party cover — i.e. to cover expenses in the event of a breach — and have limits of $25,000 or $50,000).
“Either can be the right choice,” says Fardy, “but that can only come from a proper review of exposure, cover required and an understanding of what is offered.”
Fardy sees two main trends affecting brokers.
The first trend is that “suddenly more markets want to have some kind of cyber offering.” Selected markets have made a commitment to providing what is viewed as a full cyber offering with seven or eight major points of cover for both first- and third-party claims (third party coverage, for example, protects against suits as a result of a breach). Others present a restricted offering of maybe two or three points of coverage, with many being just first party cover.
The second trend is the belief that cyber cover is really only for the “big” firms with all kinds of exposure. “That is true to a point,” says Fardy, “[but] we have seen a constant increase in the number of smaller businesses who have experienced a cyber issue.” He has observed that ransomware attacks are often focused on smaller, less protected firms.
“Perhaps the most concerning trend from a broker viewpoint is the steady media coverage of cyber events and how this is making this already ‘hot topic’ item even more high profile,” says Fardy. “Clients who have issues will be asking why they didn’t have the coverage.”