The first search engine with an ability to directly compare cyber insurance policies is now available to insurance brokers, and the company who developed it said they will soon offer subscriptions to businesses.
Touting the software’s ability to compare coverage quickly and isolate gaps, developers of the Cyber|Decider search engine STORM Guidance told delegates at the launch in Lloyd’s of London’s Old Library they have thus far input 16 insurers’ policies into the search engine wholesale and have plans to include others.
STORM Guidance chief executive Neil Hare-Brown told Riviera Maritime Media that full-coverage cyber insurance policies are uncommon in the maritime sector, and that his insurance comparison engine would give companies a way to compare the aspects of coverage that most concerned their business interests.
“It depends on what you do in marine – if you’re a cruise line that has loads of customer data your primary concern may be protecting that, but if you’re a freighter it’s probably industrial control issues,” Mr Hare-Brown said.
He forecasted that the insurance market would focus in on cyber insurance language to develop specific cyber policies and cited the recent ransomware attack on container shipping giant Maersk as a case study to which many insurance companies would refer.
“In terms of marine, I think it will become more of a specialist area. There will be more policies that are tailored to the market, especially around business interruption,” he said.
“Maersk are suffering – there’s a very long tail on that, as well. It’s amazing how a truly global business can suffer so far down the line.”
Ultimately for insurers, Mr Hare-Brown said “You’ll see more compensation around just-in-time supply chain issues – and many of [the policies] are not really optimised for that at the moment.”
Although the Cyber|Decider search engine is aimed at saving time for insurance brokers who serve small to medium enterprises (SMEs), Mr Hare-Brown said he was ready to sell subscriptions to larger organisations, such as shipping conglomerates, whose inhouse risk management teams do their own research and “effectively broker to themselves”. He was quick to point out that many global businesses enter into bespoke policy agreements with insurers.
For smaller groups, however, the 16 insurance providers included in the software cover 80% of the policies sold. Currently, according to consultant Diane Jenkins who helped to develop the product, less than 10% of SMEs buy cyber insurance, leaving a great deal of companies vulnerable to the costs associated with cyber attacks.
And those costs, according to Mr Hare-Brown, are growing.
“Unfortunately, businesses can no longer absorb the worst-case losses they could absorb 15-20 years ago.”
Ms Jenkins agreed, saying “The difference in policy coverage in the business interruption sections is quite stark. Some will only cover you for 90 days or less.”
Put in real-world terms, Ms Jenkins pointed back to the Maersk attacks. It has just gone 90 days since the attacks, and, she pointed out, Maersk still haven’t tracked down some of their containers.
“How much business interruption loss are they going to face?” she asked. “We just don’t know yet.”