How to present cyber insurance to small businesses

How to present cyber insurance to small businesses

How to present cyber insurance to small businesses
By 
Pathpoint
Jan 28, 2021
LinkedIn Icon

Meghan Hannes is Hiscox's Cyber Product Head. We sat down with her for a conversation on how retail agents should approach selling cyber insurance to small businesses.

Cyber insurance has long been considered an “add on,” when agents approach renewals with their small business clients. It’s seen as a consideration just for “tech based” businesses, or as a pesky add on required by regulators, not an essential part of being fully covered.

This is an overly-simplistic view with potentially harmful consequences, because the cyber threat landscape is changing faster than the technology landscape can keep up. Malicious actors are developing and releasing malware at such a pace and level of efficiency that even the Silicon Valley tech giants can’t match.  

Data breaches at large companies often receive widespread news coverage, but that doesn’t mean small businesses don’t also experience devastating losses when they are hacked. Ransomware doesn’t discriminate, and can and does affect organizations of all sizes, from the micro organizations up through Fortune 500s.

“Small businesses are not only the lifeblood of this country, but they are what make the world go round,” so when they experience catastrophic cyber attacks, it is important to take note and find a solution, says Meghan Hannes.

Step One: Educate yourself on cyber risks

The best first step is for agents to learn about cyber risk itself. Since it’s an ever-evolving field, this might seem daunting, but Meghan has some tips:

“Just like news anchors can articulate complex breaches in simple terms, agents can do the same. They should be familiar with the top perils of the day such as ransomware, data theft and denial of service attacks. Agents can accomplish this just by watching the news and keeping up with stories about data risks. It’s a digestible, easy way to keep up, without diving into the complex world of cyber risk.”

Step Two: Educate your clients on their risk

Cyber is a peril like no other and poses a threat to normal operations. Every business, big or small, has a need for cyber insurance, but may not know it. That is where educated agents can come in and help explain how everyone has cyber risks. As Meghan says, “[Hiscox has] been approached about cyber insurance for a taco stand.”

“Cyber is considered a complex product, but it really comes down to being peril based.” Any business that has an online presence or is not entirely cash based likely has material cyber risk, even if there is only a sole proprietor. Businesses also have a data privacy obligation to regulators if they hold any data that could be used to personally identify its clients and employees. As long as people’s data is stored by a company, there is risk.

Step Three: Educate your clients on what comes with a good policy

A few reasons why Cyber insurance is particularly important for small businesses:

  1. Balance Sheet Protection: Just like large companies, small businesses need to protect their assets and balance sheet from the financial damage of a cyber attack.
  2. Access to Cyber Security Expertise & Services: small businesses often don’t have an expert to turn to when something goes wrong. Cyber insurance often gives easy access to specialists, so expert advice is just a phone call away. In Hiscox’s case, responses to calls are provided 24/7 when an event occurs. This offers a big value proposition to small businesses: they don’t need to know who the experts are or do the research, they can let their carrier do the work for them.
  3. Cyber Risk Mitigation: Resources from the carrier may also help prevent an incident in the first place: for example, Megan mentions Hiscox’s Cyber Clear Academy, which helps educate businesses to stave off the risk of potential losses.

Hiscox’s goal with their cyber policies is to create a meaningful insurance solution, and they keep small businesses at the top of their mind as they work towards this goal.

This article is not intended to provide specific legal or regulatory advice or suggest the adequacy or appropriateness of any particular insurance product. Insureds are always advised to seek the advice of their own legal and risk management advisers with respect to potential liabilities or the adequacy of any insurance product.


More From Our Blog

Explore all posts