When asked to grade the average insurance agent’s knowledge of cyber insurance and cybersecurity, Eduard Goodman, chief privacy office of identity theft protection for IDT991, gave them a grade of C-. In a recent Q&A with Insurance Journal, Goodman highlighted the things agents and brokers need to ask when discussing cyber insurance policy recommendations with clients and providers, as well as pricing and other cyber-related topics. When asked about independent agents’ “handle” on cyber, Goodman explained that generally speaking, the average broker does not understand cyber-risks or what’s available in the market due to a lack of cyber education. However, he also noted that in order to stay relevant, agents and brokers must learn the ins and outs of this risk due to the rising popularity of cyber insurance.
By not offering cyber insurance, Goodman explains that brokers not only put themselves at a competitive disadvantage, but also under professional liability risks for failing to recommend covering such common risks. When determining the price of a cyber insurance policy, an organization’s revenue can be a starting point but a broker also must examine industry type as well as the vulnerability of data stored and how private it is – more revenue does not necessarily mean increased risk.
One thing that has been top of mind here at The Council is that insurers face the trouble of pricing cyber-insurance due to a lack of actuarial data. Additionally, many risks are non-tangible making it hard to determine how to quantify potential losses such as business interruption reputational damage. Insurers also fear that a large-scale cyber-attack on multiple clients could cripple an organization, making some insurers a little hesitant to enter the arena.