cu
INTERVIEW
or accept money from clients. Some industries are more exposed than others. A good example is construction. Lots of contractors tend to be involved in building projects for which they are sourcing lots of different materials from lots of different suppliers. They will be wire-transferring money for timber, bricks, and concrete to make sure
their job is completed on time. They need to have their materials delivered. Construction is a really good example of where clients may say, ‘We don’t have a cyber exposure because we don’t collect consumer data,’ just like manufacturers.
Cyberattacks often involve a human element, so brokers should be looking at this as a business continuity product, as well as from a crime standpoint,
not just from a business interruption perspective. If a business has a large sum of funds stolen through wire transfer fraud, they often run into cashflow issues. They need that money back and quickly.
cu | Do you see new service offerings coming down the pipeline, or even changes to current offerings?
I think there has been an over-emphasis on the policy wordings themselves. The wordings are important; they determine what coverage is there or isn’t. But we’re starting to see brokers become hung up on the nature of the wordings almost at the expense of inquiring with individual insurers about what their cyber claims solutions look like. I think we’ve seen lots of innovation in the area of word- ings and what the actual coverage looks like from a language perspective.
I don’t think we’ve seen insurers invest enough in the infrastructure that needs to sit behind the product in order to fulfill the promise that exists within the policy wording. Take two cyber insurers with very similar products: if a client has a claim, the client experience and outcome could be very different from one insurer compared to the other based on the cyber claim service offered by each insurer.
Here is my advice to brokers who are trying to choose their cyber insurance
partners: look at the claim service alongside the policy wording, and make sure you are looking at best-in-class policies as well.
cu | How do you get someone to buy something they think they don’t need, especially in a hard market, when pre- miums for other policies are going up?
It’s difficult to sell something when people think they don’t need it. That does make the insurance discussion more difficult for the broker. As busi- ness lines such as directors and officers (D&O) and professional liability start to harden, the client might feel like they don’t have the insurance spend for a cy- ber policy. But that becomes irrelevant if the risk is articulated and it’s clear it could end up costing the client so much more if they don’t invest in a cyber
insurance policy.
Again, keep it relevant. We’d be wary
of talking to a small business customer about reputational risks when it might be a less relevant example for them. For that client, we’d encourage brokers to talk about the real claims we see from small customers, and that tends to be theft of funds, social engineering, and ransomware.
If we can make it relevant by explaining the claims are real — if we can articulate to insureds that there
are businesses like them who have cyber claims and that they would have seriously struggled without a cyber policy — then the fact that their other premiums have gone up in a hard market doesn’t put them off wanting to invest in a cyber insurance policy. At the end of the day, it’s going to cost them so much more if they have a cyber claim and they haven’t got it insured.
        PROFILE
   JAMES BURNS
Title: Cyber product leader, CFC Underwriting
Past experience: Joined CFC in London, U.K., nearly eight years ago. Previously at Zurich Insurance in London for four years as an account executive and market underwriter for professional and financial lines.
Education: BA (Hons), Politics and International Relations from Royal Holloway, University of London
    20 February 2020 | Canadian Underwriter