Introduction

Isuna is currently exploring the cyber insurance market from a lens of data clarity and transparency. This is necessary to understand and improve mechanisms that increase pricing accuracy and better systems of coverage.
Through a series of case studies and interviews, Isuna is learning and sharing their insights about company strategies to overcome obstacles in the ever growing cyber insurance market.

Isuna was lucky to interview Yasin Chalabi, Manager for Professional Insurance & Cyber and Data Risks of the Benelux Region at Hiscox, who was directly involved in the development of the cyber insurance product, CyberClear. With his valuable insights we are proud to share insights about:

The cultivation and management of the cyber insurance product Cyber Clear
The challenges Hiscox faces in the cyber insurance market and their solutions

About Hiscox

Hiscox

Hiscox Ltd. is a global insurance provider originally established as an underwriting insurance company at Lloyd’s market in the UK. Hiscox focuses on niche components of the market which has allowed it to specialize in emerging markets and engage in innovative insurance product development. This is especially true in the cyber insurance market, which has a projected annual growth rate of 21.2% and is predicted to be worth 20 billion USD by 2025. Currently Hiscox offers one of the world’s top rated cyber insurance products namely, CyberClear.

CyberClear

CyberClear insures a company against consequences of hacking, lost data, system intrusion, data theft, and other data crimes. Started in 2010, the Cyber Clear product was formerly known as “Data Risk”, originating in the United States as part of a larger privacy product. Around 4 – 5 years ago the product was renamed to Cyber Clear and is now a standard insurance product used across all of Hiscox. CyberClear is growing and developing in prosperous ways, where it originated with a focus on privacy issues, and first-party costs, it now re-centers focus on business obstruction moving away from a traditional liability standpoint.

Challenges and Solutions

Challenge 1: Awareness of Companies

Companies dependent on the industry remain largely unaware of the costs incurred by cyberthreats. Only once it happens, are the survival-threatening costs recognized by organizations and do they consider the importance of cybersecurity coverage. Today that awareness is slowly growing as the world moves to an online workspace and has suffered more costs from cyber attacks than ever before. Hiscox faces this same challenge and has incorporated multiple solutions to overcome this obstacle of awareness.

Solution 1: Emphasizing Sales and Broker Relationships

Hiscox is sales oriented, this includes raising awareness around the risks of malware, ransom, but lso coverage for human error in cybersecurity. This extends to awareness on susceptibility of risk based on company relationships with their providers; sometimes a company will suffer a cyber breach based on a separate attack towards their provider that cost them damage. Nailing the sales strategy with emphasis on the range and breadth of cyber attacks has heavily paid off. This sales strategy in combination with the relationships with brokers allows the word to spread more effectively to target audiences. In the Netherlands the insurance market is run by brokers, creating an interdependent relationship between brokers and Hiscox. To reinforce the relationship means to establish transparent and trustworthy relationships between Hiscox, the broker, and the potential clients. This is seen through accessibility, and an instant response service.

Solution 2: Accessibility

Transparency and trust are met through the accessibility of the website of Hiscox. A company can receive insurance within 5 minutes of entering the website and see and see how quick they can get an offer and insurance. Furthermore, Hiscox offers an indepth cyber readiness questionnaire covering a multitude of dimensions that impact the cybersecurity positionality of a business and a CyberClear Academy, a platform for companies to actively learn how to protect themselves against cyberattacks. The ease of navigation and accessibility to resources from the hiscox side enhance the awareness factor for potential clients

Solution 3: Instant Response Service & Coverage

Finally, Hiscox provides more than compensation in the event of a cyber attack. A unique offering, Hiscox partners with separate organizations that entail services in the event of a cyber attack. Given the lack of awareness around cyber security, when a breach happens and a company does not know where to begin in terms of solving the problem, Hiscox includes an instant (24/7) response service feature that encompasses the forensics, the response, the regulatory investigation, etc. to fix the problem as well as offering compensation

”Companies dependent on the industry remain largely unaware of the costs incurred by cyberthreats. Only once it happens, are the survival-threatening costs recognized by organizations and do they consider the importance of cybersecurity coverage.”

Challenge 2: Pricing

Within the cyber insurance market the rapid exponential growth has led to a variation in pricing mechanisms for companies. Not only do insurance companies have variations in coverage, sometimes coverages are not equipped to the damage incurred after an attack on a client. Coherency and accuracy within cyber insurance is part of a larger issue the market and its stakeholders face. Given this, Hiscox operates with a business-centric approach and is multidimensional in their pricing strategy to best accommodate their clients.

Solution 1: Multidimensionality

Many factors make up the insurability profile of a client business, this can include standard signals such as company size, turnover, and industry, but also more nuanced factors such as how trained their employees are in cyber, the type of training, their level of dependence on third parties, the level of awareness based on their industry (for example, the IT industry is more aware than hospitality). The many dimensions are necessary to consider to create pricing, but also that different insurance companies will prioritize different factors in
their pricing mechanisms. In one situation years ago, Hiscox offered a 60 – 65k premium but saw their competitor offer 180k, it is important to question why the disparity existed and they sought after what factors were prioritized within competitor spaces.

Solution 2: From Liability to Business Perspective

The prioritizing factor within Hiscox has been a shift, from standard insurance practices, Hiscox takes a business-centric perspective rather than a standalone liability approach. This focuses on the number of days work is obstructed, or, the number of days a company is unable to work due to a cyber attack. Herein, the costs of damages are compensated in correspondence to how long the business is unable to operate and thus provides an extra level of protection and relief for the survivability of companies undergoing the stress after a cyber attack.

If you like this article or want to be part of the next cyber insurance case study, contact us directly and let us know info@isuna.net

Try our platform 14 days for free

No creditcard details needed.