Partnerships provide insurers with the key to unlock cybersecurity opportunities
The rising threat of cybercrime is challenging insurers to build innovative solutions that will protect their customers and generate new sources of revenue. They can’t overcome this challenge on their own. Cybersecurity partnerships are vital.
The rising threat of cybercrime is challenging insurers to build innovative solutions that will protect their customers and generate new sources of revenue. They can’t overcome this challenge on their own. Cybersecurity partnerships are vital.
The surge in cybercrime is forcing insurers to rethink how they price business risk. But it’s also opening a slew of revenue opportunities for sharp-eyed carriers and brokers.
Companies of all sizes are clamoring for protection against threats such as hacks, viruses, ransomware, data loss and business disruption. Such safeguards are often an essential component of their governance frameworks. Cyber insurance could generate as much as US$50 billion in premium income by 2030.
But few insurers will be able to secure a slice of the cybersecurity business on their own.
“Partnerships between insurers and security providers are absolutely key,” says Damon Rands, founder and CEO at UK cybersecurity firm PureCyber.
“Companies didn’t realize that in the past. They used to think that because they had cyber insurance, they didn’t need security services. Now, bizarrely, the situation has turned around. We have to insist that cyber insurance is a vital layer of a company’s cyber protection.”
Rands was speaking at a recent online event organized by the Qorus Embedded Insurance community and Allianz Partners. The PureCyber CEO together with other speakers at the event emphasized the importance of collaboration within the emerging cybersecurity ecosystem. Business leaders polled during the event agreed. Insurers looking to capitalize on the growing demand for cyber protection will need to find the right partners to enable them to meet the often complex requirements of their customers.
“Our clients range from international sports teams to law firms, accountancy practices to manufacturing organizations,” – Damon Rands, PureCyber.
In March, PureCyber teamed up with Lockton Cyber and Technology, the cyber risk arm of international brokerage Lockton Insurance, to provide bundled cyber protection offerings to small businesses in the UK. The partnership sees PureCyber combine its security services with Lockton Cyber and Technology’s insurance solutions.
Rands says PureCyber has been providing clients with subscription cybersecurity services for four years. “Our smallest client on subscriptions has about nine users, while our largest has 51,000. Our clients range from international sports teams to law firms, accountancy practices to manufacturing organizations. And fintechs,” says Rands.
PureCyber's cybersecurity subscription services include training, proactive vulnerability identification, governance reviews, 24/7 real-time threat detection and rapid response in the event of a security breach.
Rands says few companies understand the importance and complexity of cybersecurity. Often, the cybersecurity industry is at fault because providers frequently promote their products as “silver bullets” that meet all a client’s needs, rather than advocate a comprehensive multi-vendor solution that fits the company’s specific requirements, he says.
“Understanding and contextualizing cybersecurity for each client is vital. For example, if you’re a hairdresser in Canary Wharf and your laptop has Stuxnet (malware) on it, it's an inconvenience. You just delete it. But if you’re a steelworks in Berlin, then that's a huge problem and you need to worry about it.”
Rands adds that insurers are requiring their clients to constantly improve their cybersecurity because of the growing risk of security breaches.
“It’s become increasing complex to go through the annual renewal process,” - Sebastian Mrotzek, Redwood Bank.
“We've seen a huge increase in the minimum standards required for organizations to obtain cyber insurance. In the past, cyber insurance policies were incredibly cheap. Many organizations didn’t implement any other form cybersecurity because they had cyber insurance. Then these organizations started to get hacked and began making claims against their cyber insurance. That’s when insurers realized they had to add minimum security standards to their policies.”
Sebastian Mrotzek, chief information and technology officer at Redwood Bank, says small companies in particular are finding it difficult to maintain adequate cyber insurance.
“We need to have insurance in place. But it's a challenge for small organizations such as ourselves. It’s become increasing complex to go through the annual renewal process. The number of questions and the depth of those questions has certainly increased and so have the disclaimers.
“And if you want to maintain the same level of cover. You guessed it, the premium goes up.”
Launched in 2017, Redwood Bank is a digital bank that serves small businesses in the UK.
“I find it interesting that as a cloud-based bank, our risk premium seems higher than banks that have branch networks. I’d like to think that our recovery capabilities and our general security is slightly better than some traditional high street banks,” says Mrotzek.
He adds that rapid changes in technology, such as sudden advances in the capabilities of AI, can quickly undermine a company’s cybersecurity.
“When I consider our insurance, I need to know that I can claim if we have a breach. If an attack happened, would we be able to deal with it, how long would it take to get funds from the insurer to get us back up and running?
“Now with new attack patterns occurring I want to be sure these threats are covered in our existing insurance policies and we don’t have to wait for next year’s renewals for them to be included.”
To help it navigate the complexities and demands of cyber insurance, Redwood Bank works with an insurance broker that has a close understanding of the company and its needs.
Partnerships with insurance and security specialists are essential, says Mrotzek. “Partners that understand your business can not only provide advice about what you need to do within your company they can also help keep you informed about external developments such as changes in regulations and new threats.”
Rising cyber threats and the growing cost and complexity of cyber insurance have resulted in a significant protection gap among commercial and retail customers. The Global Federation of Insurance Associations estimates that uninsured computer security losses amounted to US$900 billion last year – ahead of health expenses (US$800 billion) and the cost of natural disasters (US$100 billion).
“We attend to our physical security but very few of us apply the same standards in our digital environment,” - Genoveva Pérez Lijó, Allianz Partners.
Allianz Partners aims to close the cybersecurity protection gap among retail consumers with its recently launched Allyz Cyber Care embedded insurance offering. Available on the insurer’s Allyz mobile app, Allyz Cyber Care offers customers a range of online security, support and insurance options. The embedded insurance offering is being marketed by Allianz Partners to customers in Germany, France, Italy and the Netherlands.
Allyz Cyber Care is a product of Allianz Partners’ recent collaboration with F-Secure, an international cybersecurity company based in Finland. Allianz Partners in 2022 entered into a partnership with cyber insurance and security firm Coalition to provide cyber protection solutions to businesses in the US and UK.
Genoveva Pérez Lijó, head of Allianz Partners’ Mobile Device, Digital Risk and Easy Living business unit, says Allyz Cyber Care provides the protection many consumers need as their physical and digital environments converge. She points out that consumers are increasingly worried about the threat of cybercrime yet few bother to get protection.
“We attend to our physical security but very few of us apply the same standards in our digital environment.”
Global research conducted by Allianz Partners found that 33% of consumers have experienced cybercrime in the past 12 months. While 40% of consumers expressed interested in protecting themselves against identity theft or reputational damage less than 10% have acquired such protection.
“The threats are present not only in the car. Cars are now connected to the cloud,” - Karl Schlauch, VicOne.
Pérez Lijó believes the ease of access provided by embedded insurance offerings will prompt consumers to strengthen their cybersecurity. Embedded insurance is a key growth market for insurers. Research firm Forrester estimates the market could be worth US$3 trillion by 2030.
The convergence of customers’ physical and digital environments presents insurers with challenges and opportunities in yet another top growth market – the mobility sector.
Karl Schlauch, cybersecurity principal for threat research at security firm VicOne, points out that the increased presence of digital technologies in motor vehicles raises an abundance of cybersecurity threats.
“The threats are present not only in the car. Cars are now connected to the cloud. Then there is mobile radio connectivity, there’s Bluetooth, there’s Wi-Fi. There’s also artificial intelligence at work in the car.”
VicOne, a subsidiary of cybersecurity firm Trend Micro, develops cybersecurity solutions for companies across the automotive value chain. Its customers range from vehicle OEMs to electric charge station operators.
Schlauch says the rapidly increasing volume of data sourced from motor vehicles will enable security firms and insurers as well as OEMs to adapt and tailor their solutions to meet the specific requirements of customers. He points out the electric vehicle manufacturers Tesla and BYD are already using such information to provide their customers with insurance.
As digital technologies continue to blend into customers’ physical environments demand for protection solutions that address multiple and diverse threats looks set to soar. To capitalize on that demand, insurers will need to team up with key partners across the cybersecurity ecosystem.
Next on its agenda: 9 July "Driving Embedded Travel Innovations: The Strategic Role of Insurance in B2B/B2C Markets"
For further information contact Jana Hola: jana.hola@qorusglobal.com
Insurance & Embedded Insurance community
With Qorus memberships, you gain access to exclusive innovation best practices and tailored matchmaking opportunities with executives who share your challenges.