Cyber insurance is becoming popular, but there remains some degree of overlap with other commercial products, creating confusion among customers and providers. Story by Thomas McCourtie.

Most if not all SMEs engage in ecommerce in the modern era. Digital has become a way of life for the majority of business groups, and as a result the right insurance protection is needed. Cyber insurance, a product that has grown in popularity among commercial businesses, is the type of policy commonly purchased by firms looking to insure their digital assets and practice areas containing sensitive information. This may include personal customer records such as names, addresses and financial data – for example, the name of the bank and details of the account the customer holds.

According to Verdict Financial’s most recent SME surveys, cyber insurance has grown from being held by 10.6% of all SMEs in 2015 to 13.7% in 2016. This shows that commercial businesses are increasingly turning to cyber insurance to provide the requisite means of protection. However, as this type of cover continues to grow from what was a relatively unknown product to a necessity for businesses of all sizes, there remains a degree of uncertainty over the risks covered by a cyber policy. In other words, there’s an overlap with other commercial insurance products, meaning consumers and insurers are often left confused as to where the liability of a claim may ultimately lie.

Cyber insurance has grown from being held by 10.6% of all SMEs in 2015 to 13.7% in 2016 Click To Tweet

Sensitive client information

A good example is directors and officers insurance and professional indemnity (PI) cover, which have a tendency to overlap with several aspects of cyber insurance and the risks these products are designed to cover. Both product types are centred on professional conduct in the workplace, and how individuals (namely customers) fare following the result of an event, business decision or service commonly offered by the firm. More specifically, all three of these products have an affiliation with the handling of sensitive client information, and are designed to mitigate the risks and damages the firm may suffer as a consequence of business frailties or inadequacies, which may have direct implications on the customer. Therefore, PI insurance could pick up some of the liabilities associated with cyber cover, and vice versa.

First and foremost, there must be more clarity and differentiation between these types of products. Insurers must be distinctive in the coverage areas offered by these policies, especially as they share many similarities.

Secondly, with regards to markets such as PI insurance – where competition is so high that rates have been driven to an almost impossible low – insurers need to be clear on the categorisation of certain risks, and under which product(s) they fall. This is due to the possibility that if certain cyber-associated risks fall into the PI category, then losses could be greater in this market and insurers may struggle to pay claims, especially in the absence of adequate income received from PI premiums.

READ NEXT: Insurers must consider going paperless in the claims process

– This article is reproduced with kind permission from Verdict Financial. Some minor changes have been made to reflect BankNXT style considerations. Read more here. Main image: faithie, Shutterstock.com

About the author

Thomas McCourtie

Thomas McCourtie is an analyst within the general insurance team at GlobalData Financial. He has a fintech background, and focuses on the commercial insurance sector and the growing influence of automated product distribution platforms.

Leave a Comment