Upsurge in Cyber Crime Results in Increased Underwriting Scrutiny

Upsurge in Cyber Crime Results in Increased Underwriting Scrutiny

Cyberattacks, ranging from phishing and ransomware to denial-of-service attacks and cloud-service interruptions, continue to increase in both frequency and sophistication. Cyberattacks ramped up even more when COVID-19 forced businesses to shift to remote work, with information on the pandemic used as a hook.

This increase highlights the importance of cyber coverage for businesses of all sizes. Cyber insurance policies are designed to guard against cybercrime and data breaches. It typically provides coverage for network security and data privacy liability, business interruption, ransomware, social engineering fraud, and expenses related to breach notification requirements.

While the need for protection is increasing, obtaining or renewing cyber coverage could prove more difficult as carriers look to trim losses. As with nearly all lines of commercial insurance, cyber insurers are tightening their underwriting guidelines and clarifying coverage intent in their policy language. Additionally, they are using third-party tools to evaluate cyber risk and making coverage decisions based on those results. Deficiencies which could influence an insurer to not provide coverage include:

  • Outdated software, which is visible within its public-facing website or network presence
  • Open ports
  • Inefficient encryption protocols for web-based communication
  • Lack of multi-factor authentication requirements

To get out in front of a potential non-renewal or non-coverage decision, you need to prepare. Here’s what you need to know if you’re purchasing cyber insurance for the first time or headed into a renewal:

  • Begin your submission or renewal process 90 to 120 days out. This will allow time to address any gaps in cybersecurity.
  • Review your current policy. Conduct a close review of your current policy, taking business changes into consideration, to determine if coverage remains adequate.
  • Review cyber-related loss history and risk controls. Use this insight to update procedures, risk controls, business continuity plans, restoration and recovery procedures, and incident response and recovery plan guides. If controls are deficient, address those vulnerabilities now.
  • Submit a complete and accurate insurance application. Gather data in advance and be prepared to answer questions related to COVID-19 impacts, such as how you’re responding to increased cyber risks and how you’re training employees to avoid phishing and other social engineering scams. Make sure you highlight any improvements you’ve made to your cybersecurity practices and controls that improve your resiliency to cyber events.
  • Follow up on submission and ask for an early response. Your broker should keep in touch with carriers to ensure an early response so that there is ample time to deal with any unforeseen issues, such as a decision to not provide coverage. The sooner you know about a problem, the better you can address it.

Your broker can help you with these steps and play a key role in ensuring a favorable cyber policy underwriter evaluation. If you have questions about cyber liability, connect with a member of our team.

insurance renewal checklist graphic


© Copyright CBIZ, Inc. and CBIZ CPAs P.C. (together, “CBIZ”). All rights reserved. Use of the material contained herein without the express written consent of the firms is prohibited by law. This publication is distributed with the understanding that CBIZ is not rendering legal, accounting or other professional advice. The reader is advised to contact a tax professional prior to taking any action based upon this information. CBIZ assumes no liability whatsoever in connection with the use of this information and assumes no obligation to inform the reader of any changes in tax laws or other factors that could affect the information contained herein.

CBIZ is the brand name for CBIZ CPAs P.C. and CBIZ Advisors, LLC (together), a national professional services company providing tax, financial advisory and consulting services to individuals, tax-exempt organizations and a wide range of growth-oriented companies. CBIZ Advisors, LLC is a fully owned subsidiary of CBIZ, Inc. (NYSE: CBZ). CBIZ CPAs P.C. is an independent CPA firm that provides audit, review and attest services, and works closely with CBIZ, a business consulting, tax and financial services provider. CBIZ and CBIZ CPAs P.C. are members of Kreston Global, a global network of independent accounting firms. This publication is protected by U.S. and international copyright laws and treaties. Material contained in this publication is informational and promotional in nature and not intended to be specific financial, tax or consulting advice. Readers are advised to seek professional consultation regarding circumstances affecting their organization.

Upsurge in Cyber Crime Results in Increased Underwriting Scrutinyhttps://www.cbiz.com/Portals/0/Images/cyber renewal.jpg?ver=Z-qIOeuyrfvK1_s9-IIwUQ%3d%3d~/Portals/0/PackFlashItemImages/WebReady/cyber insurance.jpgWith an increase in cybercrimes comes an increase in underwriting scrutiny. Here’s what you need to know if you’re purchasing cyber insurance or headed into a renewal....2020-09-28T14:31:35-05:00

Cyberattacks, ranging from phishing and ransomware to denial-of-service attacks and cloud-service interruptions, continue to increase in both frequency and sophistication. Cyberattacks ramped up even more when COVID-19 forced businesses to shift to remote work, with information on the pandemic used as a hook.

Risk MitigationCorporate Recovery ServicesCyber & Information SecurityProperty & Casualty InsuranceYes