Tips from an insurer for brokers selling cyber policies

Listening to clients’ exposures before offering them a cyber policy could go a long way in selling the right coverage, a cyber insurer told Canadian Underwriter Monday.

“By asking the question: ‘What keeps you up at night and what do you look at as your biggest cyber exposure?’ for them can really open up the broker to be able to then tailor the messaging back to them as to what the cyber policy can provide,” said Lindsey Nelson, international cyber team leader with CFC Underwriting.

“The broker community could have a lot more success in selling cyber to their clients by not focusing on telling clients what cyber policies can offer them and what’s available in the market, but rather listening to their clients in terms of what they think their exposures are,” she said.

For example, a broker shouldn’t go to a Canadian manufacturer and discuss privacy liability, which tends to be a U.S. exposure, with “very few and far between” incidents in Canada. “Manufacturers don’t hold a lot of records,” Nelson noted. “So I think it would be beneficial for brokers to familiarize themselves with what’s available in the market, but [also] listen to clients’ exposures before we get into the habit of giving them applications that ask very control-based questions and yes and no tickboxes.”

Other suggestions include:

• Having somebody within the company that specializes in cyber and makes it a full-time priority to act as a resource for the rest of the brokerage. This approach can benefit everybody, Nelson said, pointing out that there are a lot of wordings and products currently in the market.
• When brokers speak with clients about system backups, don’t just ask if there are backups, but whether they are being tested regularly to ensure they are working properly. In one case, a five-person architect firm “ended up being one of our more severity-driven claims in terms of a cyber loss,” Nelson reported. The firm was hit by the WannaCry ransomware and realized their back-ups weren’t working for the last three years and the cost to rebuild their systems was hundreds of thousands of dollars. “That’s an example of somebody you could sell a cyber policy to with a relatable example,” she said.
• Assume that all of your clients have a cyber risk. Nelson noted that, in the past, some brokers have not considered cyber exposures of those outside of traditional cyber industries, such as healthcare or retail. “So that opportunity never gets brought up,” she said. “That’s where cybercrime can really help out with that. Where you don’t see a traditional cyber exposure, you will perhaps see a cybercrime one and that helps resonate with insureds.”