In Part 4 of our Cyber Insurance 101 series, we took a deep dive into data breaches and the importance of data breach coverage. In this final part of the series, we’ll look at claims handling and the critical role of cyber claims handlers in ensuring appropriate policy payouts.
As we mentioned in previous posts in this series, cyberattacks are rising. And despite widespread efforts to mitigate security threats, cyber criminals are continuing to succeed through increasingly sophisticated tactics. Last year, cyberattacks and data breaches jumped by 15% over the previous year. And that trend is proving to continue so far in 2022.
Unsurprisingly, the amount of cyber claims has also jumped in recent years to match this increase in attacks. As such, the need for cyber claims handling expertise is also on the rise.
What is Cyber Claims Handling?
Much like general insurance claims, cyber insurance claims handling is a service provided by an insurance company to an insured in order to effectively deliver on the promises made in an insurance contract. For insurance companies, the delivery of excellent claims handling is considered a critical competitive differentiator. Those that do it well, earn a reputation as a reliable and trustworthy provider with which clients will continue to do business.
Given the relatively nascent state of cyber insurance, however, expertise in cyber claims handling remains quite a niche. And that’s largely due to the fact that many insurers offer cyber insurance as a bundled offering — rolled into a larger corporate insurance package. As a result, many claims handling departments have yet to develop finetuned procedures that are specifically designed to deal with cyber claims.
For the insured, this lack of cyber claims expertise is concerning. Given the proven trend towards increasingly more sophisticated cyber attacks, the threat to most companies is no longer a question of ‘if’, it’s a question of ‘when’. With that in mind, companies need not only proper cyber coverage but also reliable cyber claims handling services to ensure their contracts are properly honored.
The Critical Role of the Cyber Claims Handler
So where do we go from here? The answer rests with the insurers.
Looking ahead, insurers offering cyber insurance coverage must institute claims handling departments designed specifically for cyber insurance. Much like standard claims handling departments, cyber claims handling will become a key competitive differentiator in a future of growing cyber crimes. While shopping for coverage, the increasingly wary business owners will be swayed by those insurers that can demonstrate they have cyber handling expertise onboard.
And a key player in that demonstration is the cyber claims handler.
Similar to other insurance claims handlers who master their specific area of business, the cyber claims handler is tasked with becoming a definitive expert in all things cyber insurance.
As part of their role, these handlers work closely with various vendors (data forensics, breach experts, and more) and internal players to develop a holistic understanding of the cyber attack. From this collaboration, the cyber claims handler is then able to map out the course of the attack — identifying both how a breach happened and the overall impact of the breach.
The handler will also closely examine the different components of the insured’s policy to identify the full coverage protection as it relates to the breach. The handler’s expertise is critical here as many cyber policies often have numerous coverages baked in that other claims handlers might not easily identify.
Following the review of the breach and the policy, the cyber claims handler will then work closely with the insured to ensure an appropriate payout (assuming the insured followed policy security protocols).
Seek Out Experienced Claims Handlers
When assessing a cyber insurance provider’s claims offering, it's important to understand the level of experience of the staff handling the claims. It's also important to understand whether the claims team is part of the carrier/MGA or if it has been outsourced to a third-party administrator (TPA). TPAs, while they may have experience, may be limited in how they can make decisions regarding claims. And the ability to make sound decisions, rapidly, is extremely important when considering cyber claims.
Prospective insureds have many factors to consider when purchasing cyber coverage. The amount of coverage offered and the exclusions are generally a large part of that assessment, however, the claims department handling any potential claims should also be a major component of the due diligence that is performed prior to making a decision of which carrier to choose.
That concludes our Cyber Insurance 101 series. If you haven’t already, be sure to check out the previous posts in the series: