Cyber ​​Insurance Standards Speed ​​Up, Pushing FAs to Do Tougher Risk Assessments

Insurance premiums tend to be more expensive due to the possibility of something happening and the expected cost of repairing the damage. And cyber insurance, all of these things are growing rapidly.

And since advice systems are, by nature, filled with personal and confidential information about clients and their finances, financial advice technology systems can be an attractive target for cybercriminals.

As cyber attacks become more and more frequent, some brokers, such as Counselor Group, They have established programs to help counselors get the protection they need, as stated.

In the first six months of 2022, at least 2.8 billion crimes were recorded, an increase of 11% from the previous 12 months, and the first rise in global malware in more than three years, according to the cybersecurity company. SonicWall. In August, a Securities and Exchange Commission convicted 18 people for hacking many merchant accounts.

Also, the need for cyber insurance within companies has grown. In fact, 33% of financial firms will employ technology in 2020, up from 26% in 2016, according to a recent study. Government Accountability Office report.

Josephine Wolffassistant professor of cybersecurity policy at Fletcher School of Law and Diplomacy at Tufts UniversityIt is said that although the premiums remained stable until 2019, the last few years have seen a significant increase.

“It was a big rise in 2019 [and] 2020 on the number of ransomware threats and the number of ransomware claims. And to achieve this, we have seen a significant increase in premiums for all policy holders of all types, operators and different types of insurance and brokers,” he said.

And while data breaches at large enterprises can take many forms, ransomware doesn’t just target the big fish.

The 2021 Cyber ​​Claims Study is NetDiligence they found no correlation between the cost of the incident and the victim company’s income. Indeed, 99% of cyber insurance claims between 2016 and 2020 were made by businesses with less than $2 billion in annual revenue.

Wolff said there is concern that spending more money on cyber insurance premiums will cause companies to tighten their cybersecurity budgets, only creating more risk.

“So there’s a real risk that people are buying online insurance and then not doing anything else to protect themselves because that’s what they’re spending all their money on. Or now they have insurance and feel they don’t need it.”

Fred Kate, founding director of Indiana University‘s Center for Applied Cybersecurity Research, He said it is inevitable that the cost of the higher premiums is being passed from the policy holders to the advisors to the client.

“The price is so high, I’d be surprised if it wasn’t offered,” Cate said.[E]even the most profitable businesses in the long run may struggle to pay the growing cost of cyber insurance without breaking the bank. “

Insurers should limit the number of deductibles as well, he said. Cate likened the coverage to writing a pollution insurance policy.

“One thing that these two have in common is that the damage insurance industry used to be dominated by a few large verdicts. The more verdicts, the insurance won. And even if they paid, they paid very little money,” he said. “But there were enough big verdicts that the insurance companies were scared.” ,” he said.

Insurers are also pushing companies to strengthen their internal controls, in a way that fulfills responsibilities that regulators would otherwise do, Cate said.

“So, the carrier says they will only write insurance if you do the following 75 pages to protect your security. More and more, having good cyber insurance is a sign that you can have good cyber security measures, because the insurance provider will be diligent,” he said.

Daniel Sooprincipal for DeloitteRisk and financial advisory services, he said the need for cyber insurance is also driven by the understanding that cyber threats are risks that companies cannot protect against.

“There is a realization that there is a need for cyber insurance to cover things that they cannot cover on their own. So having a policy that protects them is a way to shift the risk.”

In some cases, policyholders may use the fact that they have insurance as a marketing message, Soo said.

“And I think even consumers, whether it’s businesses or people like you and me, these are things we don’t take for granted anymore.”