Written By Gavin Shillito, cyber underwriter at Rrelentless
Cyber insurance penetration among UK SMEs is reportedly below 10%, despite growing publicity about the frequency and impact of cyberattacks. With a marketplace that doesn’t appear to display a lack of products or coverage options, could there potentially be a knowledge gap in some areas that continues to hold penetration at low levels? Indeed, without a broker who clearly explains the purpose and value of cyber insurance, a client may not be fully aware of the cyber insurance domain in which they operate.
This potential educational shortfall could affect the entire ecosystem at several touchpoints. An uninformed SME may unknowingly remain exposed to significant operational and financial risks. However, with proper broker education and support, they can hold meaningful conversations with SMEs about cyber risk and resilience. With greater knowledge and understanding across all players in the market, cyber insurance providers may unlock further sustainable market growth.
The broker’s role in mythbusting cyberinsurance
From a broker’s perspective, we look at reported metrics around volume of cyber incidents, as well as average coverage levels. Nearly half of businesses (43%) reported experiencing a cybersecurity breach in the last 12 months. Yet, just 7% of businesses have a specific, standalone cybersecurity policy. SMEs often lack in-house technical expertise or infrastructure to help them respond to threats. Given this, brokers can play a vital role in assisting clients to understand how cyber insurance can serve not only as a financial safety net but also as a proactive strategy to protect the business and minimise potential losses.
SMEs may also have the misconception that they need to be a cyber or computer guru to understand what a cyber policy does and the pitfalls of a cyber attack. This is where the broker comes in – not all commercial brokers will be exclusively cyber experts, but keeping abreast of the latest threats and resources available, and translating them into non-technical terms that SMEs can understand, is a key way to build strong client relationships in this age of cyber risk.
For instance, a broker who is informed and can ask the most pertinent questions of a client regarding their data and business operations, to understand how adequately protected they may be, will empower them to better demonstrate the value of cyber insurance and proactive risk management. Additionally, an educated conversation led by the broker could open dialogue to explain the importance of business continuity after an attack, including, for example, financial protection and reputation management, amongst other aspects of an organisation’s potential recovery.
Raising broker confidence
As previously mentioned, the ongoing development of broker engagement and education in the specialist area of cyber risk could be an enabler of greater cyber insurance uptake. Education is vital for both brokers and clients. However, it’s key that brokers learn how cyberthreats impact their client base and how to accurately and meaningfully advise clients on appropriate and suitable cyber cover.
Expanding on this line of thought, one key point brokers should be aware of is that the resilience gap can be especially strong for SMEs, who are often less likely to have standalone cyber insurance, external security support, or formal continuity plans should things go wrong. By being aware of this and the emerging threats facing SMEs, brokers can fulfil their role as trusted advisors, guiding SMEs on how to choose the right product to meet their needs – and critically, their risk profile.
Across the market, collaboration across underwriting teams, cyber specialists and brokers can contribute to greater knowledge-sharing and its benefits. These could include tailored training and practical tools, workshops and learning programmes to build trust and confidence. In turn, brokers are potentially better equipped with the tools that can support in closing SME cyber resilience gaps, creating win-win-win outcomes for brokers, insurers and policyholders.
What’s next for brokers
To develop their own market awareness, and continue to forge strong broker-client relationships, brokers will want to familiarise themselves with the variety of products available, including resilience-first cyber insurance models. This may go beyond financial coverage to offer proactive tools and education to help build better cyber defences in a policyholder’s organisation to ideally prevent claims in the first place – but with confidence that cover is available should a cyber incident still unfold. This approach can have a positive two-pronged outcome: portfolios can remain more stable, and clients have an opportunity to better safeguard themselves against cyberattacks.
By providing access to proactive resources and incident response teams, brokers can advise clients on how to manage their cyber risk, at the same time as building on their own cybersecurity expertise.
Building a more resilient cyberecosystem
It is becoming apparent that the future of cyber risk and, indeed, insurance lies in education and accessibility. Brokers play a pivotal role in making cyber part of the everyday risk conversation. By working hand in hand with cyber experts and clients, brokers can help simplify the message for SMEs and close any evidence of knowledge gaps, supporting them in building greater resilience in the cyber ecosystem.
Rrelentless is one of many providers of cyber insurance, and like most commercial insurance products, getting advice from an independent insurance intermediary is a great way to make setting up your insurance needs straightforward.
Gavin Shillito is cyber underwriter at Rrelentless.
