Cyber protection: Preventing business paralysis

Despite insurers and brokers remaining committed to helping businesses protect themselves effectively, cyber insurance continues to remain a paradox.

With almost daily headlines around data breaches, ransomware demands and fresh phishing scams — not to mention the business paralysis and compromised capabilities that go hand in hand —you’d expect businesses to be keen to offset their exposure.

The misguided notion that specialist cyber cover is only for the big brands however, continues.

But the reality is that every company with any degree of dependency on digital systems faces real and rising exposure.

So that means we first need to help small businesses to understand the risks they are running, as well as the high potential cost of resolving issues in terms of both hard financial costs and lost time.

That means understanding how long will systems be down and how much that downtime will cost. How many hours, days, or weeks can you survive lost income from lost capability? Who will perform the response work? And who can you trust?

Cyber cover differs from traditional insurance in that it offers more than just financial compensation following a loss. At its core, cyber insurance is a service proposition, pure and simple.

Cyber Cavalry to the Rescue

In the event of a breach, cyber insurance really can be the cavalry coming to the rescue — a dynamic, quick-responding ‘business capability protection’ toolkit with a single point of contact to manage a wide range of specialist services and teams of people who can understand exactly what’s happened, and what to do next.

What use is a cheque when your systems have shut down, customer data lost, monies siphoned off, payroll and account information rendered inaccessible, and strategic business plans or trade secrets stolen?

What you need are forensic services to determine causes and fixes, specialist legal assistance, crisis communications consultancy, restoration and recovery experts and individuals experienced in dealing with cyber criminals who understand how to orchestrate a bitcoin payment if needed. And fast.

Sourcing these specialist skills is not in the traditional skill set of a small or even big business proprietor.

When this crisis hits, and it is a crisis in all senses of the word, you need tailored, real-time support and intervention to recover as quickly as possible and minimise long-term damage. That’s the value that dedicated cover brings. The ability to restore the business's capability for your vendors and customers.

Choosing to self-insure against such risks doesn’t just mean having to potentially fund thousands of pounds worth of losses out of your own cash flow; it means not having the skills in-house or easily available to tackle the crisis you’re facing when time is of the essence.

Only with the right interventions can businesses hope to overcome the commercial paralysis that inevitably goes hand in hand with cyber incidents.

In the simplest terms, cyber insurance is a response solution to a whole bunch of problems that you cannot fund or will need help to figure out.

From a business downtime, reputational damage and rising cost of losses point of view, can any UK business really afford to keep cyber risk on their own balance sheet?

Pen Logo Colour JPG

About Pen

Pen Underwriting is a multi-class, multi-territory managing general agent (MGA) that operates as a virtual insurer, meaning it can fulfil all the typical functions of an insurance company — from sales, distribution, pricing and product innovation through to claims, analytics and governance — except carry risk.

About Pen Cyber

Pen Underwriting’s specialist cyber insurance team is headed up by Adrian Scott, who played a key role in the development of the cyber insurance market in the US. Adrian’s expertise means that we have been able to develop an incredibly simple e-traded insurance product. Unlike most insurers who have an underwriting process with long applications, brokers can get a quote from our e-trading platform, Pen Central, by answering a few simple questions on behalf of their clients.

Adrian Scott
Adrian ScottGlobal Head -
Adrian Scott joined Pen in July 2016 and has over 25 years’ experience in professional and financial lines, including more than a decade in the cyber insurance arena. His experience encompasses a number of senior industry roles in the US at the forefront of the cyber sector, including Executive Vice President and Chief Underwriting Officer at Ridge Global, a cybersecurity firm founded and headed by former US Head of Homeland Security Tom Ridge.

Disclaimer: This note is not intended to give legal or financial advice, and, accordingly, it should not be relied upon for such.  It reflects our understanding as of 20th May 2020 and should not be regarded as a comprehensive statement of the law and/or market practice in this area.  In preparing this note we have relied on information sourced from third parties and we make no claims as to the completeness or accuracy of the information contained herein.  You should not act upon information in this bulletin nor determine not to act, without first seeking specific legal and/or specialist advice.  Our advice to our clients is as an insurance broker and is provided subject to specific terms and conditions, the terms of which take precedence over any representations in this document.  No third party to whom this is passed can rely on it.  We and our officers, employees, or agents shall not be responsible for any loss whatsoever arising from the recipient’s reliance upon any information we provide herein and exclude liability for the content to the fullest extent permitted by law. Should you require advice about your specific insurance arrangements or specific claim circumstances, please get in touch with your usual contact at Pen Underwriting.