To effectively navigate the cyber insurance market, companies should prepare their submission early, work closely with their information technology department and ensure they have multifactor authentication, said a risk manager Thursday at the Risk & Insurance Management Society’s TechRisk/RiskTech conference.
Kristin Peed, corporate director of risk management at Cleveland-based CBIZ Inc., said that with cyber rates increasing dramatically and insurers cutting back on capacity, it helps to get submissions in early.
“I’ve heard a lot of horror stories” of insurers that were so inundated with new business applications last June that they “couldn’t get through them,” she said.
Those who submit their application early are “ahead of the game,” with underwriters more likely to look at it and offer better terms and conditions, she said.
“Make friends with your IT department,” Ms. Peed said, adding that she depends on CBIZ’s department to keep her updated on what it is doing so she can share that information with underwriters.
Most insurers will not provide a quote if a company does not have multifactor authentication, which is now a common practice, Ms. Peed said. “Without it, you are risking nonrenewal, retention hikes or 100% premium increases,” she warned.
Ms. Peed said other tips to successfully obtain coverage include preparing the board of directors early on to be ready for the hard market; training employees so they do not become victims of phishing or other scams; getting to know in advance the insurer’s panel of providers that assist in breach incident response; conscientiously reporting cyber incidents to the insurer; and working with specialized cyber brokers.