To become cyber leaders, insurers should shift from offering pure products to broader prevention and response solutions.
Technology brings a new range of threats to both tangible (e.g. property) and intangible (e.g. reputation) assets, many of which are not covered by established insurance policies, leaving organizations of all types dangerously exposed to the impact of cyber perils.
Cyber insurance has focused primarily on digital assets. However, with the scale, frequency and impact of cyber incidents increasing, many traditional insurance lines like home, property, energy and aviation are transitioning to cyber insurance.
Our discussions with industry experts support this trend and predict that the cyber insurance sector will undergo several waves of development to expand from digital assets to encompass physical assets, as well as other asset classes such as reputation, intellectual property and business interruption. The faster the insurers can unravel the complexity of modeling and pricing these risks, the quicker they can seize a share of this exciting, expanding market.
This represents a great opportunity, but also a big challenge for insurers, who need to move their coverage from products to managing risks, preventing incidents, and responding to incidents. Insurance companies are creating teams that focus on cyber insurance risks, but in this paper we recommend that they adapt their organizational structures to ensure that cyber is integrated into everything they do, possibly creating standalone cyber insurance centers of excellence that bring together cyber risk modeling, crisis management and digital platforms.