June 25, 2018 by Greg Meckbach
Brokers looking to sell cyber insurance to commercial clients should be looking to partner with non-insurance firms specializing in security and risk assessment, one Quebec-based broker advises.
“Brokers need to look at not just selling insurance but partnering, and how they can provide clients with more of a turnkey solution on cyber risk,” Brian Kelly, Montreal-based managing partner for risk management at BFL Canada Risk and Insurance Services, said Friday in an interview.
BFL plans to launch this July a service called Cyber Protect, which will include a website scanning service. One of BFL’s partners is a non-profit firm established more than 90 years ago to provide employment opportunities for military veterans. In essence, Commissionaires Québec, a division of the Ottawa-based Canadian Corps of Commissionaires, will inspect the Internet sites of BFL’s cyber insurance clients for computer security vulnerabilities.
The Ottawa-based Commissionaires, perhaps best known for its guards at government buildings, is a non-profit security contractor with a mandate to provide employment opportunities for former members of the military and the Royal Canadian Mounted Police.
Insurance carriers tend to recognize that website scanning services can reduce the risk of a loss arising from a cyber security incident. With that in mind, BFL can get its clients a discount, Kelly said Friday.
“We have partnered with a number of firms to do risk assessments for our clients,” Kelly said. “In a few cases, we have had the risk assessment company partner with us on the placement of insurance to be able to really delineate the risk profile of our clients and to be able to customize the insurance policy.”
Large commercial brokers brokers “tend to want so to build out new revenue streams, but they are not able to get enough volume [to justify the investment],” Kelly said. “We would rather just partner up with other companies [in the security business].”
Cyber risk has caught the attention of many companies’ boards of directors because of the many opportunities for cyber criminals to hack into a company’s computer systems.
“It only takes one employee to open up an email with spamware to be compromised,” Kelly said. “The reality is, (cyber crime) is a highly lucrative business. There are many different back doors through which cyber criminals can enter.”
Brokers placing cyber insurance need to be aware of the different types of losses that could happen in the event of a cyber incident, Kelly added. Losses could come under the category of business interruption, liability to a third party for a privacy breach, fines or penalties.