Critiquing Cyber Insurance

Print Email
November 28, 2022 by Susanne Sclafane

Josephine Wolff, associate professor of cybersecurity policy for The Fletcher School at Tufts University, who spoke to Carrier Management about growing gaps in understanding of cyber insurance between insurers and policyholders in the accompanying article, “Broken Promises? Policyholders React to Cyber Insurer Exclusions, Claim Denials,” is also the author of a book on the subject: “Cyberinsurance Policy: Rethinking Risk in an Age of Ransomware, Computer Fraud, Data Breaches, and Cyberattacks.”

Below are a few of the insights Wolff delivered in excerpts from the concluding chapter of the book:

  • “Carriers have been counting on their ability to collect data and refine risk models to offer coverage in a new market before they understand the risks fully… assuming that time and data will make it possible to use the same techniques they have used for other risks in the past.” But they haven’t been able to do this. One reason: Cyber is not at a single type of risk. Instead, it interconnects with every other type of risk—crime, liability, property, etc.
  • “If public (government) funding is ultimately needed to help cover cyber risk, then insurers will be in a less powerful position to enforce cybersecurity standards.”
  • “Despite all the partnerships with security firms and years of collected claims data, insurers seem to have no greater insight into how to reduce a policyholder’s risk exposure…than they did when the market emerged in the late 1990s.”
  • “If [cyber insurance] doesn’t succeed in bolstering security standards, [it] could actually lead to the deterioration of policyholders’ security practices due to moral hazard.”
  • “The task that falls to insurers in developing cyber insurance is not just to model and understand a new class of risk but also to remodel and rethink every other existing class of risk they cover” because cyber risks are becoming increasingly intertwined with existing risks.
  • “When it comes to tackling cyber risk,…the most important thing insurers can do is to reinvent their old policies rather than write new ones.”
Print Email

Was this article valuable?

Here are more articles you may enjoy.

Hurricane Intensity Forecasts Can Be Improved With Sea Spray Effects
Lloyd’s Focuses on Delegated Authority Arrangements as Looming Market Risk
The Data Behind Rising Homeowners Premiums: By Peril and By State
2025 Predictions: Tech and UBI Growth, 5 Carriers to Exit Auto Market

Contributor

Susanne Sclafane

Related Articles

Cyber Insurers Working to Keep Up With Criminals

Our Contributors

Doug RossHow AI-Enabled Digital Twins Are Helping P/C Insurers Weather the Storm
Prakash VasantCEO View: How to Bolster Commercial Underwriting With AI Assistants
Sachin KulkarniAvoid Digital Transformation Remorse by Applying These Three Principles
Rohit VermaThe High Cost of Negative Consumer Perception
Kevin GautFind Digital Transformation Scary? Consider What’s Lurking in Your Old Tech
Corey PinkhamRedefining the Employee Experience for Today’s Workplace
See All Our Contributors