The case for cyber insurance gets stronger by the day, as cyber incidents grow in cost, cyber attacks become more frequent and cyber policies offer more innovative and effective services. But cyber is still a new market. Businesses often aren’t aware of their cyber risk or the role cyber insurance can play in protecting them. So how can you educate your customers about cyber?
CFC sat down with some of their top-performing cyber brokers to discover their secrets to success. Here are six things they say every broker selling cyber should know:
- How to explain cyber exposure simplySince lots of businesses are new to cyber, jumping straight into granular detail can feel unrelatable and unconvincing. Businesses don’t need to know the difference between the Cobalt Strike infection and the Log4Shell vulnerability. They care about how they’re at risk, the potential consequences of that risk and how they can prevent it. So stick to the basics and avoid unnecessary jargon.
It helps to ask the right questions. What cyber security practices do you have in place? Do you consider data privacy? Have you been impacted by a cyber attack before? Your client’s answers will paint a picture of their cyber exposure, so they can understand their risk and how cyber insurance is here to help.
And there’s nothing better than a strong statistic to back up your points—did you know 72% of businesses worldwide have been impacted by ransomware in 2023?
- Key factors that influence the priceCyber insurance provides great value for businesses big and small, but in many circles its cost is a topic of discussion. Those new to cyber may point to the price of cyber insurance coming close to more traditional lines, so it helps to know the three big factors that influence the cost:
1. Cyber incidents, particularly against SMBs, are the top business risk for the fifth year running
2. The average cost of a cyber claim is significant
3. Today’s cyber policies offer sophisticated technical services that would be too pricey for SMBs to get on their own
Learn more about why cyber insurance is a great investment for any business, plus a breakdown of cyber incident costs, in this quick read.
- How to handle these top objections“I already invest in cyber security.”
Cyber insurance provides a different service to cyber security, it’s not a question of either/or. Good policies will support the business’s internal IT team or external managed service provider with an expert incident response and business recovery team, while being there to cover financial loss if the worst happens.
“Cyber attacks only affect big businesses.”
While it’s attacks on household names that make the news, any business can find itself hit by a cybercriminal. And since smaller businesses tend to have less mature cyber security practices in place, cybercriminals often see them as the more attractive target.
“We don’t collect sensitive data.”
Two of the most common and costly cyber attacks we see are actually ransomware and funds transfer fraud, which aren’t necessarily aimed at stealing data. The cost to contain threats, repair networks and restore business operations—or to recover stolen funds—are the insured’s biggest worry. Thankfully, both types of incident are covered under CFC’s cyber policy.
Use this checklist to find answers for more common objections.
- Security assessments don’t tell the full storyBusinesses often use third-party risk reports and vulnerability scans to evaluate their cyber risk. While these assessments give a good snapshot of network health at a specific time, IT environments can change any day. This means assessments don’t reveal much around the level of security across a network, potentially presenting a far more positive picture than is the case.
Fully understanding when and how risk reports are beneficial will help your clients understand their risk and purchase the correct coverage. We explain risk reports in more depth here.
- Good policies offer proactive and reactive servicesCyber insurance doesn’t just cover financial loss when an incident occurs. A good policy offers proactive protection to stop attacks from happening in the first place, and reactive support to respond to the incident efficiently and effectively.
From the moment a CFC cyber policy is bound, their global team of cyber experts works around the clock to detect and alert their customers to cyber threats targeting their business. If they discover a cyber security issue, their team notifies the impacted business though their Response app, and takes steps to remediate the threat before it escalates.
The value these services offer to small businesses in particular might just be the greatest benefit a cyber policy can provide.
- The perfect analogy that shows the true value of cyberTaking out property insurance in case of a fire is seen as standard practice. Alarms and sprinklers can reduce fire damage, but they can’t remove the possibility of you facing a costly bill and business interruption. It’s the same principle for cyber.
The most advanced cyber security available can still get caught out by a new vulnerability or threat. Without cover, the impacted business won’t receive support in their incident response and recovery, and it’ll bear the financial burden alone.
CFC’s cyber policy is the full package. For a smoke alarm they offer proactive cyber attack prevention, for a sprinkler system the largest in-house team of incident responders in market. And at the end they cover any damage and loss of income, helping policyholders get back on their feet.
With today’s cyber policies broadening their cover and protection, and cyber risk escalating at an alarming rate, cyber insurance is set to play a bigger role than ever before. By helping your clients to understand their cyber risk- and how cyber insurance is such a gamechanger – you and CFC can help protect businesses and perhaps even turn the tide on cybercrime.
See how you can best speak to your clients about cyber risk and insurance in CFC’s on-demand webinar.