Catherine Aleppo – Sales Director for the UK arm of Cowbell, a leading cyber insurance provider for SMEs – explores the increasingly critical role insurance brokers play in supporting their SME clients to understand and mitigate cyber risks. She shares her insight on how they can supercharge confidence levels in their clients and themselves.
The cyber threat landscape is evolving at a rapid pace – and without access to advanced threat intelligence and monitoring capabilities it’s very difficult for organisations to keep up.
Triggered by everything from increasingly sophisticated cyber attacks and a shortage of cybersecurity professionals, through to new security challenges brought on by emerging tech and the need to meet regulatory compliance requirements – organisations of all sizes are finding themselves both challenged and vulnerable.
While SMEs may not always consider themselves prime targets for cybercriminals, it’s this lack of awareness, coupled with their size and limited resources, that can actually make them more exposed. Not only perceived as easier targets with potentially weaker defences, but with 5.5 million SMEs in the UK, targets are in abundance.
What’s more, the consequences of a data breach – which can include financial losses, reputational damage, legal liabilities, business interruption and regulatory fines and penalties – can be just as damaging for an SME as they are for larger organisations and often much harder to recover from.
Despite this, many SMEs lack the experienced in-house expertise – as well as the outside tools and services to track potential threats – that’s needed to navigate this complex environment. Nowadays, most organisations outsource at least one IT function to third-party providers, which increases their attack surface to vendors whose security measures they don’t have full control over. What’s more, where businesses are experiencing rapid growth, they may struggle to scale their cybersecurity infrastructure to match the expanding business operations.
Given these challenges, SMEs need cyber risk transfer solutions that are tailored to their specific circumstances, with an emphasis on cost-effectiveness, simplicity, and education. And it is here that brokers play a vital role. Acting both as trusted advisors and strategic partners, they can help safeguard SMEs in a number of ways:
1. Educating your clients and guiding them to make informed business decisions
Some brokers fall into the trap of deciding on behalf of their clients that addressing cyber risk isn’t a priority. Or where brokers lack confidence or knowledge in the coverage they shy away from talking about cyber insurance altogether.
However, brokers who don’t address cyber insurance with their clients risk exposing themselves to liability if a client experiences a cyber incident and finds that their insurance coverage is inadequate. Clients need to know that without cyber insurance, it’s highly likely they will have no coverage for their digital assets, their loss of profits caused by a cyber event, or protection against modern day crime.
And arguably more valuable to many SMEs will be knowing that they get not only financial protection and access to incident response experts when the worst happens, but also a whole host of risk management tools and services that work proactively for them to stop potential vulnerabilities becoming compromises.
2. Shift perception of cyber insurance from cost to necessity
It’s crucial to help SMEs recognise the integral role technology plays in their operations and the impact it could have on their ability to operate if that technology is denied or fails. While cyber insurance may seem like an added expense, it’s more about safeguarding the core of their business operations, especially in today’s digital age where technology underpins nearly every aspect of their work.
Rather than being viewed as an expense, it should be viewed as an investment in business continuity and protection against potential cyber threats that could disrupt their operations, tarnish their reputation, and lead to financial losses.
3. Stay ahead of the curve
Keeping abreast of the ever evolving risk landscape is essential for brokers and their clients. This is why it is so important for brokers to make use of the support and services they can get from cyber specialist insurers. Some, like Cowbell, offer cyber awareness training and monitor the market daily for emerging threats, delivering on-demand access to risk insights and threat remediation services and proactively notifying policyholders impacted by new threats or security weaknesses. This helps the broker and client stay ahead of the curve and can mean the difference between an incident and a near miss.
Ultimately, clients expect their broker to advise them on their business risks and exposures, and with growing dependency on technology and computer systems, cyber risk simply cannot be ignored. While cyber insurance isn’t a statutory requirement like Employers’ Liability, it must be considered as a core insurance purchase, or at the very least, discussed in depth to allow clients to make informed business decisions. Otherwise, not only is the broker doing their client a disservice, but they could find themselves being sued should that client suffer a cyber incident and feel they were mis-sold, or worse still, not even made aware that standalone cyber risk insurance products exist.