Brokers have work to do in encouraging SMEs to see the value of cyber insurance

Commercial cyber insurance has recently been one of the fastest growing products in the insurance industry. With more businesses digitalising their operations and processes, plus an increasing number of big corporates suffering major cyber attacks, purchasing a cyber insurance policy has never felt more relevant or necessary.

Despite this, recent reports show that only one in 10 small businesses in the UK currently hold cyber cover. The question is why are small to medium enterprises (SMEs) still so reluctant to buy cyber insurance?

Firstly, since cyber cover is a new product, a lot of clients have been largely unaware of it. Furthermore, some firms have been underestimating the increasing cyber risk posed to their businesses - a recent poll, for example, found that eight out of 10 organisations don’t see data breaches or data losses as a major risk for their operations.

There is also the widespread presumption that commercial general liability insurance will cover damages caused by cyber incidents, or the fact that many SMEs assume that anti-virus programmes provide enough proetction to tackle cyber threats.


The role of brokers

But, what role could brokers have here to mitigate cyber risks for SME customers?

Initially, they can educate and inform clients of the need for cyber insurance. Hackers do not only target big firms, like British Airways and Marriott Hotels. According to recent figures, small firms are hit by nearly 10,000 cyber attacks daily. This is because they are usually considered an easy target due to their weaker online security and the use of more feeble encryption technologies on cloud servers.

Another factor which might be putting firms off from buying cyber insurance is the complicated wording of policies. These may not be as clearly worded as general commercial liability policies, for example. Sometimes it is not evident what is covered or not, and there have been a number of instances when insurers have denied paying huge claims. The recent most notable example is when Zurich refused to pay a  damage claim to US food company Mondelez after a NotPetya attack, a form of ransomwear, citing a ‘war exclusion’ clause.

Underwriting cyber risk has been yet another challenge. Due to the lack of historical data, cyber underwriting is much more difficult. The nature of the risk and the fact that the product is still so new also contributes to the complexity of cyber.

However, with the majority of businesses digitalising, moving to the cloud and automating, small and big businesses alike will want the peace of mind insurance brings, alongside firewalls and anti-virus programme support. It is the role of brokers to educate clients on the new cyber risks and the need to buy specialised coverage.

At BrokerFest 2020, there will be a specialised workshop on how brokers can sell cyber insurance - this just one of the issues that will be explored at the one-day event on 11 February 2020. Taking place at etc.venues County Hall, in central London, BrokerFest is designed to help brokers do better business. A limited number of free delegate places are available for brokers. Find out more here.