MPR Underwriting
MPR Underwriting
  • About
  • Team
  • Products
  • Insights
  • Resources
  • Contact
  • About
  • Team
  • Products
  • Insights
  • Resources
  • Contact
  • Linked in
  • Twitter
  • Data protection and privacy notice
  • Cookie Policy

Five answers to cyber
insurance doubts

  • Home
  • Insights
  • Five answers to cyber insurance doubts

Factsheet

Cyber

    During the many conversations around the challenges of selling cyber insurance, some common themes emerge, but these are often easily answered:

    1. It’s too expensive.

    It very probably isn’t. Consider how much it might cost to have; a dedicated incident response manager (24 hours a day, 365 days a year) with forensic experts, extortion specialists, PR representation, call centre facilities/staff, legal experts, restoration services. All of this is effectively in house and available on tap. Not to mention the additional 1st party costs of potential notification, credit monitoring, further crisis response, and so on.
    And don’t forget the financial backstop for any 3rd party liabilities and potential regulatory action, all of which may ultimately be determined by the immediacy and professionalism of expert response in the early stages of an event. Still too expensive…?

    2. There are too many exclusions.

    That depends on the policy and how it’s underwritten. Streamlined and ‘statement of fact’ insurer approaches have, naturally, been known to build protection into products (exclusions or certain IT security requirements), so look for insurers who like to understand the risk and actually do ask questions. The reason they do this might be because their policy provides stronger cover with fewer exclusions and caveats.

    3. We don’t have many customers or personal records, so it’s not for us.

    Personally identifiable information (PII) and data breaches are just one area of cover, but what about extortion attempts (ransomware attacks), crisis response, interruptions to business operations, loss of corporate information, dealing with regulation or online media liability ? Cyber is not just about PII.

    4. Our IT director is very sceptical of the benefits.

    It’s certainly not always the case that they are, but it’s hardly surprising if they were. Insurance is part of a strong cyber strategy, not a substitute for one.
    Cyber is a business risk and a board level issue. Poor handling of a cyber event can be far reaching and fatal to the business, so the IT director needs support.

    5. We have good IT security and procedures, so we think our risk is already fully mitigated.

    Nothing is fully defendable. Cyber insurance is not designed to replace the mitigation already in place it works hand in hand to ensure that there is a solution should the worst happen. The mind set needs to shift from upfront defence as the main priority to a heavier emphasis on preparing for swift recovery and response. Good existing mitigation will mean you can access a quality product at competitive prices.

    Download PDF

    Drawing a parallel with building and contents. There may be locks on the doors, sprinkler systems and alarms, but you still buy the insurance policy. The same should be the case for cyber, with better deals available by demonstrating strong risk protection.

    Tim Jones

    Written by

    Tim Jones

    Language Matters

    D&O Deductibles

    Once upon a time, deductibles were a common feature of Directors and Officers (‘D&O’) Liability policies. Typically reserved for larger or more challenging private risks, or those that were publicly listed, they faded from view as the soft market invaded every element of the contract.

    Insight

    To fee or not to fee

    ‘This “triumph for access to justice” will not be welcomed by all’. So declared Supreme Court judge, Lord Reed, on ruling unanimously in favour of Unison.

    Language Matters

    All Employees as
    Insured Persons

    A recent policy comparison highlighted ‘all employees as Insured Persons’ as the main policy feature. From the perspective of a director, I found this both curious and puzzling.

    10th Floor
    Chancery Place
    50 Brown Street
    Manchester
    M2 2JG

    0161 241 3550
    enquiries@mprunderwriting.com

    • About
    • Team
    • Our Products
    • Insights
    • Resources
    • Contact
    • Data protection and privacy notice
    • Cookie Policy
    • Linked in
    • Twitter
    MPR are Chartered Insurance Underwriting Agents

    MPR Underwriting Limited is a company incorporated in England and Wales. Registered Address: 10th Floor, Chancery Place, 50 Brown Street, Manchester, M2 2JG. Company Number: 10529758. Authorised and regulated by the Financial Conduct Authority.

    Privacy Policy and Cookie Information

    We use a small number of cookies on this website to make the website as useful as possible. None of these cookies collect any personal information. To find out more about these cookies and how to control their use, see our Read More.

    Close