Cyber Insight 2018: In conversation with... Hiscox head of cyber James Brady

What still prevents cyber from becoming a must for the SME market?

Pleasingly, at Hiscox we are already seeing signs of cyber becoming an important purchase for SME’s. A significant proportion of our UK account is made up of SME’s and we have enjoyed good growth in this area in 2018. That said, the percentage penetration of existing business customers  who currently buy cyber still has a lot of room to grow which, in my eyes, presents an exciting opportunity. SMEs have very real exposure to cyber threats and to realise the market opportunity it is our job as insurers and brokers to build our products so that they are easy to understand and educate customers of the exposures and insurance solutions available.

 

What are the difficulties when putting together a cyber liability product?

We need to provide a policy that our potential customers understand and can make a conscious buying decision on. Products also need to be up to date and provide adequate protection and, critically, a response to the new and evolving cyber threats that businesses are facing on a daily basis.

 

What are the main implications of the GDPR implementation to the cyber insurance market?

It has been positive from an enquiries perspective as it has prompted clients to come to the insurance market and assess their need for coverage. 72 hour mandatory reporting, for certain breaches, can be quite a daunting prospect for SME’s and the attraction of a good insurance policy is the access it provides to a team of specialists who are experienced in dealing with breaches and notification, which can be invaluable to these businesses in what are time critical situations.

 

What initiatives should the industry as a whole take in order to better educate clients and raise awareness about the cyber threat?

I feel that we already do a lot of this at Hiscox, but there is always room to do more. We carry out market research and insight which we use to help educate both brokers and potential customers about the threat of cyber for SMEs. We recently set-up ‘honeypot’ servers, typical of those used by small firms across the country , which showed that there are, on average, 65,000 attempted cyber attacks per day on these businesses.  We live stream this information to our website (www.hiscox.co.uk/cyberlive ) to keep reminding businesses of these threats and it’s activity like this that helps to educate clients and maintain awareness.

 

How do you see the future of cyber insurance in the next five years?

Cyber is real and evolving threat for the vast majority ,if not all, businesses. I therefore see significant demand for the coverage, provided that it’s clear and easy to understand. I can only say that cyber insurance has a very positive outlook in the next five years.

 

Is the rate of progression in preventing cybercrime enough?

Well, staying one step ahead of cyber crime is difficult; it is an ever-evolving threat that requires cyber insurers to constantly re-evaluate their propositions.  Businesses are getting better at prevention but criminals are fast learners and quick to find new vulnerabilities, so the key is having a robust response in place, as well as a good strategy for prevention.

 

What can the audience expect from you at the Cyber Insight event next month?

I can give an insight to selling cyber to SMEs and mid-market customers as these are areas where we have a significant cyber customer base at Hiscox. We have also developed an exciting new  product for the UK market, which will be launched in early 2019, so I can give my views on how to keep your product fresh and relevant to the threats that customers are facing.

 

Why should people come to Cyber Insight? Why is it so important?

I think it is important for people who work in the cyber insurance market to be knowledgeable and abreast of the trends, risks, exposures, coverage and even the terminology used. If we as an industry can do that then I think we can definitely realise the potential that cyber presents.