MPR Underwriting
MPR Underwriting
  • About
  • Team
  • Products
  • Insights
  • Resources
  • Contact
  • About
  • Team
  • Products
  • Insights
  • Resources
  • Contact
  • Linked in
  • Twitter
  • Data protection and privacy notice
  • Cookie Policy

Five answers to cyber
insurance doubts

  • Home
  • Insights
  • Five answers to cyber insurance doubts

Factsheet

Cyber

    During the many conversations around the challenges of selling cyber insurance, some common themes emerge, but these are often easily answered:

    1. It’s too expensive.

    It very probably isn’t. Consider how much it might cost to have; a dedicated incident response manager (24 hours a day, 365 days a year) with forensic experts, extortion specialists, PR representation, call centre facilities/staff, legal experts, restoration services. All of this is effectively in house and available on tap. Not to mention the additional 1st party costs of potential notification, credit monitoring, further crisis response, and so on.
    And don’t forget the financial backstop for any 3rd party liabilities and potential regulatory action, all of which may ultimately be determined by the immediacy and professionalism of expert response in the early stages of an event. Still too expensive…?

    2. There are too many exclusions.

    That depends on the policy and how it’s underwritten. Streamlined and ‘statement of fact’ insurer approaches have, naturally, been known to build protection into products (exclusions or certain IT security requirements), so look for insurers who like to understand the risk and actually do ask questions. The reason they do this might be because their policy provides stronger cover with fewer exclusions and caveats.

    3. We don’t have many customers or personal records, so it’s not for us.

    Personally identifiable information (PII) and data breaches are just one area of cover, but what about extortion attempts (ransomware attacks), crisis response, interruptions to business operations, loss of corporate information, dealing with regulation or online media liability ? Cyber is not just about PII.

    4. Our IT director is very sceptical of the benefits.

    It’s certainly not always the case that they are, but it’s hardly surprising if they were. Insurance is part of a strong cyber strategy, not a substitute for one.
    Cyber is a business risk and a board level issue. Poor handling of a cyber event can be far reaching and fatal to the business, so the IT director needs support.

    5. We have good IT security and procedures, so we think our risk is already fully mitigated.

    Nothing is fully defendable. Cyber insurance is not designed to replace the mitigation already in place it works hand in hand to ensure that there is a solution should the worst happen. The mind set needs to shift from upfront defence as the main priority to a heavier emphasis on preparing for swift recovery and response. Good existing mitigation will mean you can access a quality product at competitive prices.

    Download PDF

    Drawing a parallel with building and contents. There may be locks on the doors, sprinkler systems and alarms, but you still buy the insurance policy. The same should be the case for cyber, with better deals available by demonstrating strong risk protection.

    Tim Jones

    Written by

    Tim Jones

    Insight

    Prior & Pending Litigation Date and Retroactive Date
    – A Case of Mistaken Identity?

    The question of the difference between, and application of, the prior and pending litigation date (“P&P date”) and the retroactive date (“retrodate”) is a frequently visited conversation and can sometimes be difficult to decipher.

    Insight

    Whatever Happened to
    the Major Shareholder Exclusion?

    At the Championship play off final in 2010, Blackpool FC sold 37,000 tickets for their game against Cardiff. Seven years later, in the League Two final against Exeter, only around 5,000 tickets were sold.

    Insight

    ‘Verbal’ – one word,
    all the difference

    The same pattern sometimes appears in business. When things go wrong, frustrated parties can act irrationally and may say things that won’t necessarily be followed up on.

    10th Floor
    Chancery Place
    50 Brown Street
    Manchester
    M2 2JG

    0161 241 3550
    enquiries@mprunderwriting.com

    • About
    • Team
    • Our Products
    • Insights
    • Resources
    • Contact
    • Data protection and privacy notice
    • Cookie Policy
    • Linked in
    • Twitter
    MPR are Chartered Insurance Underwriting Agents

    MPR Underwriting Limited is a company incorporated in England and Wales. Registered Address: 10th Floor, Chancery Place, 50 Brown Street, Manchester, M2 2JG. Company Number: 10529758. Authorised and regulated by the Financial Conduct Authority.

    Privacy Policy and Cookie Information

    We use a small number of cookies on this website to make the website as useful as possible. None of these cookies collect any personal information. To find out more about these cookies and how to control their use, see our Read More.

    Close