➤ Third-party and regulatory requirements continue to drive demand for cyber insurance policies among small businesses.
➤ Renewal rates for cyber coverage is higher than any other line that CyberPolicy distributes.
➤ Chief among renewal trends has been the desire for higher limits.
Keith Moore brought his background with loan comparison company LendingTree Inc. into insurance as head of the P&C comparison platform CoverHound Inc. When the company decided to broker cyber liability insurance to small businesses, they found it was a far more complex undertaking compared to other commercial lines, Moore said. CyberPolicy advises on cybersecurity while acting as a managing general agent for cyber insurance backed by a dozen major carriers.
In an interview with S&P Global Market Intelligence, Moore said that among the difficulties in transitioning to distribution was figuring out how to tailor coverage for small businesses that have contracts or compliance needs that require high coverage limits. The following is an edited transcript of the conversation.
S&P Global Market Intelligence: What were the biggest challenges in wading into the insurance waters for your clients?
Keith Moore: Our biggest challenge, both in the cybersecurity market and in the cyber insurance market, was that there were not many products that were truly built for microbusinesses, small entrepreneurs or small businesses.
There is a ton of enterprise and medium-sized enterprise offerings in the cybersecurity space. They do not really focus on the truly small businesses, and the ones that do focus on small business are typically software do-it-yourself services. So there's a big learning curve for these businesses that they have a hard time getting over.
Keith Moore, CEO of CyberPolicy
Do you think you might want to go even deeper into insurance one day, like with underwriting?
We don't anticipate it now because we work with about a dozen really good carriers when it comes to cyber. We may get into the underwriting more just to create the product, but we'll probably never undertake the risk because our role is to be the trusted adviser sitting in the middle with a marketplace sitting behind us of truly good options.
Is there one major reason why small businesses are signing up for cyber policies?
The common theme today is that their current insurance providers are not giving them the cyber coverage they need either for a regulatory purpose or because a third party may require them to have cyber insurance. So a lot of people are out in the market actively looking for cyber insurance with specific coverage types and limits.
Most are required to have anywhere from $1 million to $2 million in coverage. But a lot of the typical insurance brokers today are only offering $50,000 in coverage. So [businesses] come to CyberPolicy and get a $1 million, $2 million or $5 million policy, and they can have a certificate of insurance pretty quickly in minutes to take back to whatever regulatory body or compliance body is requiring them to have the insurance.
Are there any trends that you have noticed for renewals?
If there are any changes in the renewal process it's usually an increase in coverage, and that increase is generally driven by a third party asking for more coverage.
The only time we don't see a renewal is typically when the company is going out of business.
What are the biggest emerging threats for which you are insuring or seeing claims?
I would say the biggest emerging threat is still email phishing attacks. We're seeing those across the board for not only consumers but small businesses as well.
There's also ransomware. But I would say when people put in the [CyberPolicy] services, when they apply the plan and prevention that we put together, a lot of ransomware is minimized. Of course, it's impossible to minimize it 100%.