MPR Underwriting
MPR Underwriting
  • About
  • Team
  • Products
  • Insights
  • Resources
  • Contact
  • About
  • Team
  • Products
  • Insights
  • Resources
  • Contact
  • Linked in
  • Twitter
  • Data protection and privacy notice
  • Cookie Policy

Avoiding the Sucker Punch:
Buying and Selling Cyber Insurance

  • Home
  • Insights
  • Avoiding the Sucker Punch: Buying and Selling Cyber Insurance

Insight

Cyber

    Despite a continuing increase in cyber breach events, a changing regulatory landscape (post GDPR) and a further increase in use of (and reliance on) technology, cyber insurance is still often regarded as a difficult product to sell.

    Despite a continuing increase in cyber breach events, a changing regulatory landscape (post GDPR) and a further increase in use of (and reliance on) technology, cyber insurance is still often regarded as a difficult product to sell. Notwithstanding this, there is certainly an increase in policy uptake and the market continues to grow. One of the difficulties for brokers that remains is the lack of standardisation and some wild inconsistencies, with every insurer laying claim to have the best policy language. This can leave brokers, and their clients, on the ropes, with fundamentally different approaches to underwriting, pricing and content.

    In the red corner are the insurers that offer a streamlined underwriting approach with limited questions. This is great for quick decisions and a simple purchase process, but possibly not so good when it comes to the detail in the policy wording or the way the incident response services (if they exist) are triggered and engaged. It is a generally accepted position that, if an insurer doesn’t do the underwriting up front then there could be ‘protections’ built into the policy. This can create problems at the cyber event stage, when exclusions bite or assumed states aren’t accurate or are non-compliant. Or, the cyber event is covered but the client needs to manage, pay and coordinate the incident response service (and associated vendors) themselves, as opposed to having it coordinated, and paid for, on their behalf.

    In the blue corner are the insurers that conduct more initial analysis, and who may require a proposal form and dig a little deeper to understand the risk further. This is sometimes perceived as unnecessary or difficult, but it is crucial to get to a solution without the same level of restrictions. So, if a question is raised in relation to legacy systems (i.e. servers that may no longer be supported), that’s probably because their policy doesn’t have language removing cover if the insured fails to update, upgrade or test software (or operates any unsupported/legacy systems), as some of those in the red corner may do. After all, there is no real need to ask a question on something if you’re not covering it.

    We recognise that it’s a difficult market to navigate and there needs to be a balance between an efficient process and adequate underwriting. However, the growth in cyber insurance has coincided with a rise in online systems and the drive for transactional efficiency. Brokers need to keep their guard up, especially when completing statement of fact responses on behalf of their clients. Much of the emphasis switches from the underwriter asking the questions, to the broker/client confirming something does/doesn’t exist or is true and warranting that to the cover.

    Ultimately, we’re all in the business of risk mitigation/transfer so it’s important to understand the cyber risk and how it’s addressed, and then ensure the risks are matched to a policy that is suited to their needs, all at a competitive price. Working with an insurer who understands this will mean you’re more likely to have them in your corner when you need them, otherwise you could find yourself reeling from a blow below the belt.

    Tim Jones

    Written by

    Tim Jones

    Factsheet

    Seven Steps to Selling Cyber

    MPR’s CIRI policy specifically has an ‘Immediate Incident Response Expenses’ definition, because we want the policyholder to act without hesitation, even if they feel they may be able to handle it themselves.

    Factsheet

    Management Liability
    Renewals: 2020 Vision

    The pace of change in the ML market has quickened as we have moved into 2020. Prices continue to increase, sometimes dramatically, but cover changes, whilst less obvious, can be highly impactful.

    News

    MPR and AXIS Specialty
    Extend Day One Relationship
    to 2025

    MPR is thrilled to extend our relationship with AXIS for another three years.

    10th Floor
    Chancery Place
    50 Brown Street
    Manchester
    M2 2JG

    0161 241 3550
    enquiries@mprunderwriting.com

    • About
    • Team
    • Our Products
    • Insights
    • Resources
    • Contact
    • Data protection and privacy notice
    • Cookie Policy
    • Linked in
    • Twitter
    MPR are Chartered Insurance Underwriting Agents

    MPR Underwriting Limited is a company incorporated in England and Wales. Registered Address: 10th Floor, Chancery Place, 50 Brown Street, Manchester, M2 2JG. Company Number: 10529758. Authorised and regulated by the Financial Conduct Authority.

    Privacy Policy and Cookie Information

    We use a small number of cookies on this website to make the website as useful as possible. None of these cookies collect any personal information. To find out more about these cookies and how to control their use, see our Read More.

    Close