Preparing for cyber insurance” is a practical new guide from FERMA that will help commercial insurance buyers prepare for their discussions with brokers and insurers and evaluate the policy offers that they receive.
A joint expert group from FERMA, Insurance Europe and the intermediaries’ association BIPAR developed a guide “Preparing for cyber insurance” in cooperation with Marsh and Aon. By promoting this dialogue, FERMA aims to make the purchasing process much more accessible to insurance buyers.
The guide is designed to support buyers by explaining what information insurers will seek when they underwrite cyber insurance and how to collect it. It also aims to help the buyers evaluate the cyber insurance proposals they receive in the context of their business needs.
Previously, insurers found that the information supplied to them regarding a buyer’s cyber risks and controls was not always relevant and could be improved. On the other hand, buyers felt that insurers’ requests were too demanding and technical. “Preparing for cyber insurance” addresses this source of frustration on both sides.
The EY Global Information Security Survey 2018-9 found that only 35% of 1400 respondents said they had cyber insurance that meets their needs.
As an OECD report on the cyber insurance market early this year commented: “Buying the right policies can be challenging, particularly for companies whose understanding of their own vulnerabilities may be sketchy. A lack of similar terminology and different approaches to offering coverage, along with the complexity of the policies themselves, add to the frustration and dampen buyer demand.”
In addition to promoting dialogue and clarity, “Preparing for cyber insurance” also hopes to minimise unnecessary regulatory intervention. In November 2017, a report from the European Union Agency for Network and Information Security (ENISA) proposed a harmonisation of cyber insurance questionnaires and coverage, although rapid developments are unlikely. FERMA believes the answer is increased dialogue and information exchange rather than more regulation and red tape, and this report aims to enable this.