Tag Archive for: cyber

man holding phone at computer with blue screen that says cyber security

the evolution of the cyber insurance market

Considering today’s digital world, cyber-attacks have become increasingly common over the past decade—and with more significant financial impact. Breaches including phishing emails, viruses, ransomware, or other malicious attempts can cost companies billions of dollars.

As a result, more businesses and organizations—both small and large—are investing in cyber insurance to avoid catastrophic losses and expenses—and we don’t blame them. However, the cyber insurance market itself has changed a bit as well. Let’s discuss the evolution of the cyber insurance market and where it is right now.

what is cyber insurance?

Cyber insurance is a policy that protects your “business’ liability for a data breach involving sensitive customer information.” This sensitive information might include:

  • Credit card numbers
  • Account numbers
  • Health records
  • Social security numbers
  • Driver’s license numbers
  • And more

Typically, cyber liability insurance covers network security and data privacy incidents, including first-party costs and third-party claims. Remember, no business—no matter how big or small—is safe from the threats of a cyber attack today.

Not quite on board yet? Check out the shocking cyber attack statistics from AAG below.

cyber attack statistics

Did you know…

  • There is a hacker attack every 39 seconds
  • 64% of companies have experienced web-based attacks; 62% experienced phishing and social engineering attacks; 59% of companies experienced malicious code and botnets
  • Since 2013, there are 3,809,448 records stolen from breaches every day
  • 43% of cyber-attacks target small business
  • Over 75% of the healthcare industry has been infected with malware over the last year

where is the cyber insurance market today?

Today, despite the increased need for cyber protection, organizations are faced with a difficult cyber insurance market. The market is characterized by:

  • Rapidly increasing losses
  • Non-renewal cases
  • Increased premiums
  • Coverage restrictions
  • And longer underwriting periods due to increased requirements

Infographic of the evolution of the cyber insurance market

how benchmark can help

The United States cyber insurance market, according to the National Association of Insurance Commissioners, expanded to $4.1 billion in direct premium in 2020, an increase of over 29% from 2019.

Our team at benchmark commercial insurance is understanding of today’s cyber insurance market—and is here as your partner to navigate insurance compliance around everyday business transactions, ensuring you have the right coverage for your risk tolerance.

Reach out to benchmark today to learn more about our dedication to providing global capabilities with our boutique experience.

what does cyber insurance actually cover?

what does cyber insurance actually cover?

Cyber cyber cyber… This is one of the hottest topics in the insurance industry today. You may already have cyber insurance, or you might be considering getting coverage — in either case, you’ll likely be asking,  “what does your cyber insurance actually cover?” 

who needs cyber insurance? 

While some general liability and professional liability policies include basic cyber liability coverage, additional coverage is often needed. Businesses that store personally identifiable information (PII) for employees and/or customers should have additional coverage.

what does cyber insurance protect you from?

Cyber breaches can occur in a multitude of ways. They can be executed through phishing emails, viruses, ransomware, or other malicious attempts to corrupt your data. 

In 2019, The FBI’s Internet Crime Complaint Center (IC3) reported that the losses for business email scams were $1.7 billion. Learn why an email might be your biggest email risk on our blog. 

The best way to begin protecting your data is to establish internal safeguards with cyber security. This includes strong passwords, monitoring electronic device access, and using different software tools. 

Email scams such as Business Email Compromise/Email Account Compromise (BEC/EAC), are sophisticated scams that target both businesses and individuals who perform legitimate transfer-of-funds requests. In addition to those email-based vulnerabilities, there is an increase in other cybercrimes that threaten businesses (especially those that are remotely operated). According to Cybersecurity Ventures, a cyber attack will occur every 11 seconds in 2022, nearly twice the rate in 2019.  With that being said, it’s important to ensure your business is covered in case a cyber attack does occur, with cyber security liability coverage. 

There are a few types of coverage within a cyber liability policy. First-party coverage and third-party coverage help ensure you’re covered for whatever comes your way.

what else does cyber insurance cover?

First-party coverage includes coverage for immediate expenses related to the cyber breach. These expenses typically include:

  • The cost of notifying employees and the public
  • Marketing and public relations response that protect the company’s reputation
  • Paying extortion money
  • Repairing the damage to software and hardware
  • The cost of business interruption and missed income while operations are suspended
  • Other ancillary costs

Third-party coverage helps a company defend against lawsuits and legal claims. There are a number of lawsuits that can occur. Privacy lawsuits are covered under this coverage in case you have breached the privacy of customers and employees.

Regulatory body fines are covered, as well as media liability claims (copyright infringement, libel, or slander). Lastly, breach of contract and negligence claims are covered with third-party coverage. 

Going into 2022, there is likely going to be a change in coverage. Read our blog cyber security: looking forward to 2022 for more insights. 

cyber insurance for a remote workplace

A recent global industry study conducted by Tenable found that “eighty percent of security and business leaders said their organizations have more exposure risk today as a result of remote work.” 

They listed three main factors that have increased cyber attacks in the 2-year wave of remote office that are important to understand as a business owner moving forward with cyber coverage.

  1. “Enabling a workforce without boundaries.
  2. Expanding the software supply chain
  3. Migrating to the cloud.” 

These three factors are all present in remote workplaces, and give even more reason to understand what your cyber coverage actually covers. 

One question we’ve received from clients is: What happens if a remote employee breaks their work computer while at home? In general, cyber insurance will not cover a broken laptop — but commercial property insurance might. 

okay now my business is covered — now what?

If you have enrolled for cyber coverage, good for you! You’re taking one more step to help create a safe workplace for your employees. Even if your business is protected against cyberattacks, there are some steps you can take to further protect your business. 

read the fine print

It’s important to fully understand what your business is covered for when it comes to cyber risk. At benchmark, we take the time to look into the meaning of a ‘network’ for your company’s policy. The policy might change or be limited to “software, hardware, devices, and other infrastructure owned, operated, or leased by the company.” Knowing what your network entails, how far-reaching it is, and what security protocols you have in place can affect the type, limitations, and cost of your cyber coverage. 

set home-office expectations

In addition to understanding your policy’s details, understanding what your employees’ home offices are like is important to help prevent cyber attacks. A couple of ways to ensure that your remote employees have a safe environment to work is: 

  • Bring in an IT professional to evaluate the laptops and monitors being used or to help install a VPN.
  • Set boundaries with employees about workspace (for example, only use your work laptop, not the family computer that multiple people are using).
  • Provide cyber security training about red flags to avoid.

There are preventive steps you can take to improve your security protocols and reduce the cost of your cyber liability coverage.  To find out more about how we can add cyber to your existing business-coverage, please reach out. 

Cyber Security: Looking Forward to 2022

cyber security: looking forward to 2022

In July 2020, we all saw the ramifications of a well-performed hack. Twitter experienced the most catastrophic security breach in their company’s history. Elon Musk, Barack Obama, Joe Biden, Bill Gates, and other high-profile Twitter users were all among the hacked users.

This hack caused Twitter to shut down all verified blue-checked accounts. In just a few short hours, this breach of security cost Twitter users more than $118,000 and the company even more in their reputation.

This was more than three months ago. So, what does this mean looking to the new year? 

With most business and social interactions moving toward technology-centered avenues, this can be troubling for business owners. Some questions to keep in mind moving forward:

  • What will your company do if this happens to you? 
  • Did the global pandemic and stay-at-home orders make you more vulnerable to potential cyber-attacks? 
  • How can you protect yourself and your company? 
  • What cyber security regulations are being put in place for 2022? 

Let’s explore.

Consider Investing in Cyber Insurance 

Cyber insurance covers the expense incurred due to a data breach, virus, or other cyber-attacks and fraud. It can also cover legal claims that come from a security breach. As companies utilize cloud software, personal computers and laptops, and other technology-based means to store their sensitive data, their risk for a security breach grows exponentially.

The Identity Theft Resource Center claims that in 2018 businesses experienced 571 breaches in security, which exposed 415 million employee and customer records. 

When you do experience a breach as a company, federal law requires you to perform an extensive list of to-dos. If you have cyber insurance coverage, however, your carrier will take that responsibility on.

2022 Changes

The United Nations (UN) provides information about their role in upcoming cyber attacks. One of the main adjustments for the future is the role that automated systems play in cars. Your Tesla could be a risk moving forward (the report highlights passenger cars, vans, trucks, and buses).

The higher risk associated with “connected” cars is another reason cyber security is crucial moving into 2022.

How Has Your Business Become More Vulnerable?

As businesses moved to a new work-from-home model, cyberattacks increased. With most company communication done through e-mail, Slack, and other online platforms, the risk of a breach increases. This could cause a company to experience massive monetary loss as well as reputation damage. 

Signs You’re at Risk of a Experiencing a Cyber Attack

  • You’re receiving requests for transactions, like direct deposits or electronic fund transfers
  • Unsolicited communications are coming through from unknown companies or people
  • Links within the email do not match—check links by rolling your cursor over the link to see if the two match with the content and the email address!
  • Requests with a high sense of urgency, asking you to complete documentation immediately
  • Requests for usernames, passwords, and other personal details like banking information

What Can You Do to Help Mitigate This Risk?

  • Limit your use of large email attachments and programs that put pressure on your company’s bandwidth ecosystems
  • Do not forward emails with attachments that contain highly restricted or company confidential information to personal accounts
  • Avoid reading, talking about, or leaving confidential information in unsecured work-from-home areas
  • Log-off of work devices when you’re not using them
  • Shred sensitive documents
  • Restart your computer regularly

These tips along with the added security of cyber insurance should prepare your business for potential cybersecurity breaches. Learn more about how cyber insurance can help your company today. Contact us at Benchmark to see how we can partner.

And if you’re wondering why your insurance premiums have skyrocketed recently, learn why here.

 

Cyber Security Coverage in the Age of Ransomware

cyber liability

Why Is My Insurance So Expensive This Year?

why is my insurance so expensive this year?

 

Download the whitepaper [pdf]

why is my insurance so expensive?


If you’re like most people, your insurance has recently gone up with no explanation. Although we can list factors that might play a part in these increases,  the reason your insurance is going up is a combination of all of these factors.

D&O, EPLI, Property, General Liability, and Umbrella policies are all going up 15% to 30% year over year.

Below are some factors causing increased insurance costs:

Factors Causing Increased Insurance

  1. Increased Risk Factors. The rezoning of certain open areas as high-risk fire zones has increased carriers’ perception of risk and therefore, is driving up prices.
  2. Re-insurance. Insurance carriers purchase insurance similar to a policyholder. However, due to consistent years of catastrophic losses, the availability has been restricted and costs to insurers has increased. 
  3. Labor Shortages. Changes in immigration law, in combination with stricter criteria for classifying 1099 vs. W-2 workers, have added to the labor shortage post-pandemic markets are experiencing.
  4. Supply Chain Disruption. Shipping routes are overrun, ports are backlogged, shipping containers are in short supply, and trains are delayed causing domino-like effects to businesses. With increases in cost and time to deliver goods comes an increased risk of in-transit losses and loss of business market share.
  5. The Pandemic. With all of the increased insurance claims from COVID-related closures, insurance companies have paid out millions in unanticipatable claims.
  6. Inflation. Property values are soaring and insurance premiums are along for the ride. Insurers have become picky about whom they will insure, causing an increase in policy movement from broker to broker and carrier to carrier. 
  7. Increase Cyber Threats. Office-level security firewalls are not present with people working from home. This, in combination with the widespread usage of online payment options in more businesses, has raised the cost of cyber liability coverage.

These seven cost increases are complicated, global, and not going anywhere. Want to know what you can do to get your costs down? 

Next, we wanted to take this opportunity to provide insight into the ever-changing landscape in the insurance sector. You may have noticed strange behavior from insurers, whether you purchase coverage for your home, business, or both.

Below are the forces exerting themselves on the insurance industry today, which have caused the insurance companies to push rates as well as exit certain geographic areas. We hope this information will provide clarity as well as recommendations on how to take control of insurance costs during this time.

Low Bond Rates

It is interesting to know that in a normal economic market, insurance companies use insurance premiums as a loss leader. The premium loss ratio (total annual Gross Written Premiums valued against total Incurred Losses) typically runs from 105% to 108%. 

This means that for every dollar collected, the insurance company expects to pay out over a dollar in claims. The insurance companies offset this loss, however, with much higher returns in their investment income. A significant source of safe return has always resided in the bond market.

Since today’s bond market has much lower than normal yields, with no relief in sight, insurance companies are seeing lower than normal investment returns.

Unmodel-able Losses

For lack of a better word, we give you “un-model-able losses.”

Insurance companies rely on accurate actuarial “modeling“ to predict losses and help set proper rates based on predictable loss scenarios. For the last ten years, however, the global insurance industry (including the re-insurance segment, but more on that later) has been hit with a regular stream of wildfires, earthquakes, mudslides, hurricanes, abnormal freezes to name just a few.

These are classified in insurance-speak as “un-model-able losses.” Actuarial models have not yet been perfected to incorporate these types of losses. When the industry is faced with these events, profitability plummets, and insurance carriers are challenged to find rates that can accommodate the un-model-able.

Reduced Reinsurance Capacity and Increased Cost

Insurance companies “lay off” much of the value of their loss exposure on the “secondary” or reinsurance market. This considered, the reinsurance market is much more sensitive to how losses will affect their rates, as global reinsurers are the backstop for the industry.

As you may expect, reinsurance rates have spiked steadily over the past five to seven years due to consistent catastrophic losses. In some cases, actual insurance writing capacity is depleted to the point that coverage is no longer available in certain industry segments.

The reinsurer’s response to claim severity and frequency is to restrict the availability of coverage and raise the rates to your insurance company. Year over year, insurance carriers have been paying significantly higher rates for the cost of insurance and that cost is passed to the policyholders.

Remapping of “Fire Zones”

To a carrier, all insurance companies have become keenly aware of what they now consider fire zones, as well as the concentration of insured value that resides within these zones.

Both commercial and residential insures have undergone varying degrees of re-evaluating what they now consider to be locations residing in, or adjacent to, a newly established fire zone. You may have had friends, or even neighbors, complain of non-renewal notices they received from their current insurer.

Again, to a carrier, underwriters refuse to discuss any type of exception we may want to make regarding their “fire-zone” evaluation. Each carrier has determined, through their re-insurance treaty with their re-insurance carrier, what they are allowed or not allowed to write.

They will not make exceptions for any policyholder, which means remapping for fire zones has forced many policyholders back into the market due to the non-renewal of many policies. This is a market with a limited supply.

Why Should This Matter to Me?

The simple answer is to remember that insurance companies are for-profit enterprises. Because of the fiduciary responsibility to its policyholders, insurance companies must stay vigilant on profitability.

As we discussed above, the industry typically operates at a premium loss ratio of over 100%. With the forces pressing down on the industry discussed above, carriers have now focused their efforts on becoming profitable on written premium.

So, how much do rates have to rise to take a carrier from a 5% to 10% loss on each dollar collected to a profit of 10% or 15%? Rates have to rise 10% to 20% on average (this contemplates loss-minimal and loss-free accounts) in order for the carrier to be profitable on collected premiums.

Policies with anything approaching, or exceeding a 50% loss ratio for the last three years combined can see premium increases from 50% to 125%.

What Power Do I Have to Control My Premiums?

Believe it or not, policyholders have the ability to take control over policy costs. The insurance underwriters key in on two areas: property age and maintenance/upkeep. Any property approaching 20 to 25 years old or older will require the underwriter to dig into how well the property has been maintained.

They will want to know about tenants (for commercial properties) and updates, or placement, of the following building systems (home or business). For example, electrical, plumbing, HVAC, and roof systems.

If the age of your property is older, many underwriters are simply choosing not to provide quotes for buildings that have not had these systems updated in the past 10 to 15 years. Please create a budget to update these older systems. It will pay dividends for many years to come in the lowest premiums obtainable in the marketplace.

A Final Word

The most impactful measure used by underwriters to measure account quality is historical losses. Underwriters typically look back three to five years depending on the account.

Homeowners’ losses, both home, and auto, are aggregated to a central database used by all insurers. Commercial accounts, however, are not tracked to a central database.

Losses that cause the most heartburn to an underwriter are water losses. Water perplexes the savviest of insurance actuaries. Policies with consistent water damage claims over time are prime for carrier non-renewal. The lowest hanging fruit for property owners is the proactive replacement of all interior plumbing fixtures. Angle stops, water hoses, and toilet fixtures (float and flap) are the most guilty of causing expensive water damage claims. Next up, would be sewer and drain backups. Please snake all drain lines on a regular basis. Simple, cheap, and effective.

As you’d anticipate, older properties require more information as underwriters evaluate the quality of electrical, plumbing, heating/cooling, and roof systems. 

Remember the insurance policy is not designed to be a “warranty” against less than regular maintenance and upkeep. Property owners can go a long way in stabilizing insurance costs over time by creating and implementing pro-active regular maintenance protocols. If you can create an efficient program, you are doing all you can do to protect your insurance costs for the future.