In Partnership with
Cyber insurance coverage reaches maturity stage
Even with recent price fluctuations, insurance companies are able to write for, and build in protections against, cyber threats like ransomware and data privacy violations, according to our expert panel
Lindsey Nelson
CFC
Industry experts
Jeremy Barnett
LOKKER
Jacob Ingerslev
Tokio Marine HCC
Shiraz Saeed
Arch Insurance
Nelson oversees the global business development strategy across CFC’s cyber portfolio, and is responsible for key account management, distribution, and new business growth strategy, and internal development across a team of over 90 underwriters. Having nearly a decade of experience underwriting cyber and technology risks previously at Chubb and overseeing the international cyber team at CFC, Nelson’s expertise in cyber has seen her in demand for a wide range of conferences across Europe and North America while she continues to play an active role in underwriting strategy.
CFC
Lindsey Nelson
Barnett leads LOKKER’S global sales and marketing efforts for Privacy Edge, LOKKER’s online data privacy suite of tools. He has spent the past decade leading product innovation in cybersecurity, previously at cyber insurance carrier Tokio Marine HCC and Cyberscout.
LOKKER
Jeremy Barnett
Jacob Ingerslev joined Tokio Marine HCC – Cyber & Professional Lines Group (CPLG) in 2022. He has over 20 years of experience in a wide range of underwriting disciplines across the US, European, and Lloyd’s insurance markets. Jacob joined CPLG from The Hartford, where he was chief underwriting officer for the cyber risk and technology E&O business for five years. Prior to this, he was head of US technology E&O, cyber and media liability at CNA. As senior vice president of cyber & tech, he is responsible for developing all aspects of the cyber proposition, bringing a particular focus to broker relationships, ongoing technological innovation, and product development to accelerate the group’s continued growth.
Tokio Marine HCC
Jacob Ingerslev
Shiraz Saeed leads the cyber risk product for Arch Insurance. Shiraz is responsible for the strategic direction of the underwriting, distribution, and marketing of the cyber risk products and services offered by Arch. Shiraz joined Arch in 2021 and has over 10 years in the cyber risk industry. Prior to joining Arch, Shiraz had earned a BA in finance from Hofstra University and an MBA in strategic management from Pace University. He started his tenure in the insurance industry within the professional liability division of American International Group (AIG) and quickly progressed to become part of the cyber risk product team responsible for the east coast territory. Most recently Shiraz was the practice leader for cyber risk at Starr Global Insurance, where he oversaw the strategic direction of their cyber risk products and services. With his extensive experience, Shiraz is able to help stakeholders both internally and externally better understand the complexity of cyber risk, while also working with them to create solutions to help manage it.
Arch Insurance
Shiraz Saeed
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Tellus in penatibus condimentum malesuada ante vulputate nisi, arcu leo. Amet urna sapien purus vestibulum fermentum a. Cursus metus massa donec sed varius. Nunc enim sit morbi lacus, molestie et nunc. Nullam sed facilisi id malesuada. Ante purus velit, quam scelerisque ultrices scelerisque donec.
Velit egestas vel ornare pellentesque ridiculus. Mauris tempor augue quis mattis suspendisse feugiat commodo posuere. Faucibus massa adipiscing nullam elit, ac vel accumsan. Phasellus eget ac dignissim fermentum ac placerat elit, metus. Nulla porttitor ante egestas molestie quis quam. Pharetra magna sit mauris tellus gravida rutrum libero sit. Justo orci cras euismod proin massa lorem ut. In non tellus phasellus faucibus ullamcorper nullam odio dui et.
Vault Plus Mortgage and Finance Consultancy
David Merison
“The price now matches where the exposure is.… We have reached maturation and adulthood now”
Lindsey Nelson
CFC
CYBER AND PRIVACY risks are ever-evolving, but the market continues to mature when it comes to managing that risk.
With discussions about pricing and exposure to the fore, there was no shortage of conversation during Insurance TV’s latest expert panel discussion on the cyber insurance market.
“We have been in a hard market for three to four years,” said Jacob Ingerslev, senior vice president, cyber & tech E&O, Tokio Marine HCC Cyber and Professional Lines Group. From his point of view, even if it feels like the market is in a stabilizing phase, he was seeing “some pretty substantial coverage-tightening relative to cyber war, widespread events, and infrastructure exclusions.”
Ransomware remains a clear and present danger, with attacks against industrial organizations having increased by 87 percent in 2022. Financial institutions flagged nearly $1.2 billion worth of likely ransomware-related payments in 2021, according to the US Treasury Department.
For Nelson, ransomware remains the “number-one [thing] that drives claim payments being made and how costly those can be regardless of size of business.” However, there was good news on this: “Ransomware, for us, in the last quarter of 2022, was down 24 percent” in terms of frequency.
Lindsey Nelson, cyber development leader at CFC, said that the market is in a very different position now from where it was at this time last year.
“The price now matches where the exposure is,” Nelson said. The cyber field had gone through “a teenage phase of growing up. We have reached maturation and adulthood now,” to get to a “place of stabilization.”
Shiraz Saeed, vice president, cyber risk product leader, Arch Insurance, said that companies were “looking for
Cyber insurance pricing increased 10 percent from January 2022 to January 2023, according to figures from Marsh McLennan. But back in early 2022, the market had already seen a 110 percent annual price increase in the first quarter of that year.
With ransomware claims looking “much more severe” than ever before, according to Nelson, and brokers advocating for “very broad coverage” for their customers, “now we know the appropriate price to charge for that.”
There were different reasons for this: the disbanding of criminal groups because of the war in Ukraine, improved security postures, heightened sanctions, and the creation of proactive cyber services units. Speaking of CFC’s unit, she said, “Their sole responsibility is to work with clients to prevent cyber attacks.” In fact, they have had to warn clients about real or perceived threats more frequently than they have had to deal with cyber attacks after the fact.
Saeed pointed to two other “super important” issues: business email compromise or fraud, for which he said frequency has been greater than ransomware, as well as the “wrongful, unauthorized, unlawful or illegal” collection and sharing of private information, where “you’re seeing significant fines and penalties being issued.”
Read on
CFC recently polled more than 2,400 of their brokers on the challenges of selling cyber.
“The overwhelming majority said it was a client, and specifically IT person, not believing that they required cyber insurance or thinking that they had everything under control,” Nelson said. “In a perfect world, you would want to be speaking to anyone outside of the IT department when you are talking cyber insurance. But the reality is they are very much needed in filling out the paperwork.”
Her number-one piece of advice would be to emphasize that cyber insurance is not replacing IT.
“What cyber insurance is providing is incident response, she said. “IT and incident response are two completely different functions with two very different skill sets.”
The two can “complement each other very well,” according to Nelson.
Barnett agreed.
“The whole notion of proactive services as a benefit of getting insurance is paramount,” he said. “Your insurer will help you with an incident response plan with tabletop exercises to test your system” to help them feel out any vulnerabilities, which can be a great benefit.
“To me it comes down to frequency and severity,” said Ingerslev. “What is the risk of having an incident, and how much is it going to cost?”
Saeed used a single word for his answer: “Operations.”
“Can you operate your organization or your business without a computer system or being connected to a computer system?” he asked. “In the twenty-first century, that is very, very hard.” Without a plan in place, does your budget have the money set aside to help cover restoration and recovery of your data, extortion, notifications, incident response? If not, and you have a computer system, “well, you have the exposure. So I’ll leave that up to you whether you want to be uninsured, or you want to transfer that risk over to a carrier.”
CFC is a specialist insurance provider, pioneer in emerging risk, and market leader in cyber. Our global insurance platform uses cutting-edge technology and data science to deliver smarter, faster underwriting and protect customers from today’s most critical business risks. We offer 50 products across 20 different lines of insurance, an award-winning claims team, and the largest cyber incident response capability in the market. Headquartered in London, with offices in New York, Austin, Brussels and Brisbane, CFC has over 700 employees and is trusted by more than 100,000 businesses in 90 countries.
Find out more
LOKKER is a Silicon Valley-based data privacy technology company creating software for organizations to protect their online customers’ personal information. LOKKER’s Privacy Edge™ platform is a SaaS-based solution that automates detection and mitigation of unauthorized web trackers, pixels, and tags that lead to privacy compliance violations, fines, and reputational damage. Its solution protects companies and their customers from third-party data risk without affecting the web-user experience. For more information visit lokker.com.
Find out more
Tokio Marine HCC is a member of the Tokio Marine Group, a premier global company founded in 1879 with a market capitalization of $43 billion as of December 31, 2022. Headquartered in Houston, Texas, Tokio Marine HCC is a leading specialty insurance group with offices in the United States, Mexico, the United Kingdom, and Continental Europe. Tokio Marine HCC’s major domestic insurance companies have financial strength ratings of A+ (Strong) from S&P Global Ratings, A++ (Superior) from A.M. Best, and AA- (Very Strong) from Fitch Ratings; its major international insurance companies have financial strength ratings of A+ (Strong) from S&P Global Ratings. Tokio Marine HCC is the marketing name used to describe the affiliated companies under the common ownership of HCC Insurance Holdings, Inc., a Delaware-incorporated insurance holding company. For more information about Tokio Marine HCC, please visit www.tokiomarinehcc.com.
Find out more
In Partnership with
Cyber insurance coverage reaches maturity stage
Even with recent price fluctuations, insurance companies are able to write for, and build in protections against, cyber threats like ransomware and data privacy violations, according to our expert panel
Read on
Shiraz Saeed
Arch Insurance
Jacob Ingerslev
Tokio Marine HCC
Jeremy Barnett
LOKKER
Lindsey Nelson
CFC
Industry experts
Nelson oversees the global business development strategy across CFC’s cyber portfolio, and is responsible for key account management, distribution, and new business growth strategy, and internal development across a team of over 90 underwriters. Having nearly a decade of experience underwriting cyber and technology risks previously at Chubb and overseeing the international cyber team at CFC, Nelson’s expertise in cyber has seen her in demand for a wide range of conferences across Europe and North America while she continues to play an active role in underwriting strategy.
CFC
Lindsey Nelson
LOKKER’S global sales and marketing efforts for Privacy Edge, LOKKER’s online data privacy suite of tools. He has spent the past decade leading product innovation in cybersecurity, previously at cyber insurance carrier Tokio Marine HCC and Cyberscout.
LOKKER
Jeremy Barnett
Jacob Ingerslev joined Tokio Marine HCC – Cyber & Professional Lines Group (CPLG) in 2022. He has over 20 years of experience in a wide range of underwriting disciplines across the US, European, and Lloyd’s insurance markets. Jacob joined CPLG from The Hartford, where he was chief underwriting officer for the cyber risk and technology E&O business for five years. Prior to this, he was head of US technology E&O, cyber and media liability at CNA. As senior vice president of cyber & tech, he is responsible for developing all aspects of the cyber proposition, bringing a particular focus to broker relationships, ongoing technological innovation, and product development to accelerate the group’s continued growth.
Tokio Marine HCC
Jacob Ingerslev
Shiraz Saeed leads the cyber risk product for Arch Insurance. Shiraz is responsible for the strategic direction of the underwriting, distribution, and marketing of the cyber risk products and services offered by Arch. Shiraz joined Arch in 2021 and has over 10 years in the cyber risk industry. Prior to joining Arch, Shiraz had earned a BA in finance from Hofstra University and an MBA in strategic management from Pace University. He started his tenure in the insurance industry within the professional liability division of American International Group (AIG) and quickly progressed to become part of the cyber risk product team responsible for the east coast territory. Most recently Shiraz was the practice leader for cyber risk at Starr Global Insurance, where he oversaw the strategic direction of their cyber risk products and services. With his extensive experience, Shiraz is able to help stakeholders both internally and externally better understand the complexity of cyber risk, while also working with them to create solutions to help manage it.
Arch Insurance
Shiraz Saeed
In Partnership with
Cyber insurance coverage reaches maturity stage
Even with recent price fluctuations, insurance companies are able to write for, and build in protections against, cyber threats like ransomware and data privacy violations, according to our expert panel
Read on
Shiraz Saeed
Arch Insurance
Jacob Ingerslev
Tokio Marine HCC
Jeremy Barnett
LOKKER
Lindsey Nelson
CFC
Industry experts
Shiraz Saeed leads the cyber risk product for Arch Insurance. Shiraz is responsible for the strategic direction of the underwriting, distribution, and marketing of the cyber risk products and services offered by Arch. Shiraz joined Arch in 2021 and has over 10 years in the cyber risk industry. Prior to joining Arch, Shiraz had earned a BA in finance from Hofstra University and an MBA in strategic management from Pace University. He started his tenure in the insurance industry within the professional liability division of American International Group (AIG) and quickly progressed to become part of the cyber risk product team responsible for the east coast territory. Most recently Shiraz was the practice leader for cyber risk at Starr Global Insurance, where he oversaw the strategic direction of their cyber risk products and services. With his extensive experience, Shiraz is able to help stakeholders both internally and externally better understand the complexity of cyber risk, while also working with them to create solutions to help manage it.
Arch Insurance
Shiraz Saeed
Jacob Ingerslev joined Tokio Marine HCC – Cyber & Professional Lines Group (CPLG) in 2022. He has over 20 years of experience in a wide range of underwriting disciplines across the US, European, and Lloyd’s insurance markets. Jacob joined CPLG from The Hartford, where he was chief underwriting officer for the cyber risk and technology E&O business for five years. Prior to this, he was head of US technology E&O, cyber and media liability at CNA. As senior vice president of cyber & tech, he is responsible for developing all aspects of the cyber proposition, bringing a particular focus to broker relationships, ongoing technological innovation, and product development to accelerate the group’s continued growth.
Tokio Marine HCC
Jacob Ingerslev
Barnett leads LOKKER’S global sales and marketing efforts for Privacy Edge, LOKKER’s online data privacy suite of tools. He has spent the past decade leading product innovation in cybersecurity, previously at cyber insurance carrier Tokio Marine HCC and Cyberscout.
LOKKER
Jeremy Barnett
Nelson oversees the global business development strategy across CFC’s cyber portfolio, and is responsible for key account management, distribution, and new business growth strategy, and internal development across a team of over 90 underwriters. Having nearly a decade of experience underwriting cyber and technology risks previously at Chubb and overseeing the international cyber team at CFC, Nelson’s expertise in cyber has seen her in demand for a wide range of conferences across Europe and North America while she continues to play an active role in underwriting strategy.
CFC
Lindsey Nelson
Share
Share
Share
Is ransomware still the leading threat in the market?
Published 24 Apr 2023
Arch Insurance North America is part of a global insurer offering superior coverage and service. We participate in specialty lines in which the talent and knowledge of our employees are a competitive differentiator. We serve North America from offices in the United States and Canada, providing superb coverage and claims handling through careful and diligent underwriting of risks and business-friendly solutions. With 20 years of operating history and strong financial ratings, our track record remains solid.
Find out more
“Brokers are the ones who are educating the market. They know what questions to ask, they know how to translate the technology and insurance lingo”
Jeremy Barnett,
LOKKER
“To me it comes down to frequency and severity. What is the risk of having an incident, and how much is it going to cost?”
Jacob Ingerslev,
Tokio Marine HCC
“You’re seeing significant fines and penalties being issued”
Shiraz Saeed,
Arch Insurance
similar baseline controls,” and that “markets are going to sharpen their pencils and come in with better pricing, better retentions. Because an organization has taken the time, resources, and effort to improve their posture.”
Jeremy Barnett, chief commercial officer, LOKKER, noted that “cyber carriers, brokers, and insurtech solutions are more innovative and adaptive to the criminal environment and changing regulatory environment.”
What led to the cyber pricing situation?
But it was not just a remediation against severe losses; it was also “future-proofing against the very real threat of systemic risk,” in the future.
“I think we are fooling ourselves if we think that we are ever going to be solving cyber risk or prevent it from happening in the first place,” Nelson said.
For Saeed, there are a couple of main pillars that carriers look at when coming up with pricing. This varies among carriers, but includes factors such as complexity of risk, amount and type of private information, revenues, security and governance controls, and loss history.
“Looking from a holistic approach at all these different pillars is how an organization will come up with a price.”
Ingerslev predicted “a stabilizing market in the next few quarters [and] what we are going to see is other things than price coming into play.”
“Service is key,” said Ingerslev.
However, he said, when it becomes more competitive, it is necessary to “exercise high service levels.” Another differentiator is helping insureds mitigate losses better than the competition.
Data privacy lawsuits and enforcement actions have been top of mind lately in the industry.
Barnett and his company, LOKKER, have been carrying out forensic work to identify data privacy leaks and issues affecting clients’ web properties, working with defence attorneys and their clients and insurance partners.
How have the various data privacy lawsuits affected cyber claims?
With increased enforcement, plaintiffs may feel “emboldened,” said Barnett. Many organizations are “inadvertently sharing data” through trackers like the Facebook pixel and adtech that are sharing user information with third parties.
“Companies are being sued for a range of these issues,” he said.
“There is no perfect way to underwrite to it,” said Ingerslev. “The biggest challenge, if you are covering this, is it’s a complicated web of federal and state regulations.”
For Saeed, there is a wide range of coverage challenges. Some policies give an express grant of cover – others include an express exclusion, some with defence costs only and some that are “silent, meaning they don’t speak to it and don’t speak against it.” He went on to say that “some people refer to it as wrongful, some people refer to it as illegal, and some people refer to it as unlawful.”
What it comes down to is, “Was this or was this not an intentional act, or a fraud versus a mistake” regarding how the information was gathered and disclosed.
There is a sense among brokers that, in order to sell cyber products properly, “they have to speak the IT jargon and become the IT professional as well,” said Nelson. However, this can pose a conversational barrier between them and their clients.
She advised making use of the resources available to a client through the insurance company. “Simplification is everything,” she said.
Explaining that they are buying into a service, which may include a cyber security team that can help them in times of crisis, is critical. “It’s no longer a specialist product,” Nelson said.
“[Brokers] are the ones who are educating the market,” said Barnett. “A better-educated broker makes for a better marketplace. They know what questions to ask; they know how to translate the technology and insurance lingo to make it business-sensible for their customers.”
Saeed noted that integrating people from the security operations sector as part of the underwriting process on the carrier and broker side, something that Arch has done, is important and could have benefits for both sides. People from a security operations background bring different perspectives to the underwriting and brokering environments, as they have practical experience with security tools.
He also cautioned that many brokers do not have the “luxury” of being able to focus exclusively on cyber.
Ingerslev said that some selling still needs to be done to let clients know that they are getting more than just a cyber policy when they sign up – they are also getting access to experts who can help them better protect their attack surface.
How can brokers improve their education around cyber?
Overcoming “It won’t happen to me” syndrome
Sobering Sober Statistics
Proportion of homes with computers infected with malicious software
Average money and time lost worldwide annually by each consumer dealing with online crime
Facebook accounts hacked every single day
Cyber-crime ranking of the imposter scam, with one in five people reporting a financial loss
Percentage of American adults who have had their personal information exposed to cyber criminals
Percentage of Americans who have received at least one online scam offer
Source: Cybersecurity & Infrastructure Security Agency (USA)
1/3
#1
47%
65%
600,000
USD
$358 and +21 hours
Insurance industry cyber crime impacts
Percentage of ransomware-related claims that involved recovery expense losses
Number of cyber insurance claims 2022 caused by business email compromise scams
Estimated value of cyber insurance premiums by 2025 (per Statista)
Percentage of organizations in the US that have a standalone cybersecurity insurance policy
Percentage of SMEs in the US that have bought cyber insurance for the transfer of risks
Percentage of data breach claims with insurance exclusions that resulted in non-payout or partial payout
Source: Astra
81%
34%
43%
27%
$20 billion
1,153
Copyright © 2023 KM Business Information US, Inc
RSS
Sitemap
Contact us
About us
Conditions of Use
Privacy policy
Terms & conditions
People
Copyright © 2023 KM Business Information US, Inc
RSS
Sitemap
Contact us
About us
Conditions of Use
Privacy policy
Terms & conditions
People
Copyright © 2023 KM Business Information US, Inc
RSS
Sitemap
Contact us
About us
Conditions of Use
Privacy policy
Terms & conditions
People
Sobering Sober Statistics
Proportion of homes with computers infected with malicious software
Average money and time lost worldwide annually by each consumer dealing with online crime
Facebook accounts hacked every single day
Cyber-crime ranking of the imposter scam, with one in five people reporting a financial loss
Percentage of American adults who have had their personal information exposed to cyber criminals
Percentage of Americans who have received at least one online scam offer
Source: Cybersecurity & Infrastructure Security Agency (USA)
1/3
#1
47%
65%
600,000
USD
$358 and +21 hours
Insurance industry
cyber crime impacts
percentage of ransomware-related claims that involved recovery expense losses
Number of cyber insurance claims 2022 caused by business email compromise scams
percentage of data breach claims with insurance exclusions that resulted in non-payout or partial payout
Source: Astra
81%
27%
1,153
$20 billion
the estimated value of cyber insurance premiums by 2025 (per Statista)
percentage of organizations in the US that have a standalone cybersecurity insurance policy
34%
percentage of SMEs in the US that have bought cyber insurance for the transfer of risks
43%
Contact Us
Specialty
Best in Insurance
Resources
Risk Management
TV
News
Contact Us
Specialty
Best in Insurance
Resources
Risk Management
TV
News
Contact Us
Specialty
Best in Insurance
Resources
Risk Management
TV
News