Critiquing Cyber Insurance

Print Email
November 28, 2022 by Susanne Sclafane

Josephine Wolff, associate professor of cybersecurity policy for The Fletcher School at Tufts University, who spoke to Carrier Management about growing gaps in understanding of cyber insurance between insurers and policyholders in the accompanying article, “Broken Promises? Policyholders React to Cyber Insurer Exclusions, Claim Denials,” is also the author of a book on the subject: “Cyberinsurance Policy: Rethinking Risk in an Age of Ransomware, Computer Fraud, Data Breaches, and Cyberattacks.”

Below are a few of the insights Wolff delivered in excerpts from the concluding chapter of the book:

  • “Carriers have been counting on their ability to collect data and refine risk models to offer coverage in a new market before they understand the risks fully… assuming that time and data will make it possible to use the same techniques they have used for other risks in the past.” But they haven’t been able to do this. One reason: Cyber is not at a single type of risk. Instead, it interconnects with every other type of risk—crime, liability, property, etc.
  • “If public (government) funding is ultimately needed to help cover cyber risk, then insurers will be in a less powerful position to enforce cybersecurity standards.”
  • “Despite all the partnerships with security firms and years of collected claims data, insurers seem to have no greater insight into how to reduce a policyholder’s risk exposure…than they did when the market emerged in the late 1990s.”
  • “If [cyber insurance] doesn’t succeed in bolstering security standards, [it] could actually lead to the deterioration of policyholders’ security practices due to moral hazard.”
  • “The task that falls to insurers in developing cyber insurance is not just to model and understand a new class of risk but also to remodel and rethink every other existing class of risk they cover” because cyber risks are becoming increasingly intertwined with existing risks.
  • “When it comes to tackling cyber risk,…the most important thing insurers can do is to reinvent their old policies rather than write new ones.”
Print Email

Was this article valuable?

Here are more articles you may enjoy.

The U.S. Has Sustained 24 Billion-Dollar Disasters in 2024
Cyber Crime Climbs, 90% of Americans Have Been Targeted
Allstate October Catastrophe Losses of $286M Include Milton, Helene
How compliance automation helps carriers reduce the risk of regulatory finesCyber Threats, Climate and Business Interruption Risks Top Insurance Buyers/Sellers Concerns

Contributor

Susanne Sclafane

Related Articles

Cyber Insurers Working to Keep Up With Criminals

Our Contributors

Kevin GautFind Digital Transformation Scary? Consider What’s Lurking in Your Old Tech
Prakash VasantCEO View: How to Bolster Commercial Underwriting With AI Assistants
Corey PinkhamRedefining the Employee Experience for Today’s Workplace
Scott ShapiroThe Evolving GenAI Journey: Three Ways the Technology Is Impacting P/C Insurance
Sachin KulkarniAvoid Digital Transformation Remorse by Applying These Three Principles
Robert ShermanThe Compliance Imperative: How Louisiana’s House Bill 672 Is Reshaping the MGA and TPA Landscape
See All Our Contributors