image

Cyberwrite on REDY®: Helping Clients Understand & Quantify Cyber Risks

Companies around the globe rely on websites, computer systems, and digital connections with the world to do business. While organizations may have varying degrees of digital presence, every business is exposed to cybersecurity risks that can result in devastating financial loss due to steep regulatory fines, customer data loss, financial theft, or business interruption. Unfortunately, many companies struggle with understanding, quantifying, and mitigating their cyber exposure.

 

In fact, over 40% of businesses surveyed in a recent Hanover Cyber Risk Report, indicated they had no cyber insurance or limits of $1M or less, which may not adequately cover the cost of a cyberattack.2 Eager to help address these gaps and help businesses thrive, CRC Group has partnered with Cyberwrite to layer their technology into the REDY platform, enabling brokers and agents to better quantify the financial impact of cyberattacks and help companies optimize cybersecurity and insurance decisions.

Unfortunately, it can be difficult to close the cyber coverage deal because many organizations still don’t understand their need for cyber insurance. In addition, the tools available to quantify risk often generate complex, difficult-to- understand reports. Lengthy applications can also inspire clients to avoid seeking coverage or prevent real-time accuracy and client engagement. Historically, carriers have also had difficulty scaling underwriting for smaller companies, even though research indicates 43% of cyberattacks are aimed at smaller businesses.3

Now, more than ever, the financial risk and public relations risk of a ransomware event can be devastating. Ransomware attacks do not discriminate; the attackers seek the vulnerability in the network rather than targeting specific high-profile businesses. Any insured can be a target. A Cyberwrite report not only helps you identify any cyber exposure but can also be used to help answer the many questions that are now asked of a risk manager from board members, suppliers, vendors, and customers.

Cybercrime is set to cost businesses $5.2 trillion worldwide within 5 years. Source 3

WHAT IS CYBERWRITE?

Seeing an opportunity to make it easier for clients to know how much coverage to buy and why, a group of former Accenture, RSA, and insurance industry veterans founded Cyberwrite in 2017. Cyberwrite is a trailblazer in cyber risk quantification and mitigation solutions, aimed at empowering small to mid-sized companies in addressing cyber exposure. Over the last 4 years, Cyberwrite has developed innovative technology to improve cyber risk decision- making through its easy-to-use risk management tools. CyberProfileTM, an award-winning, proprietary AI risk quantification algorithm responsible for generating the reports, helps address the cyber exposure knowledge gap by succinctly summarizing each client’s unique risks. CRC broker and cyber risk specialist Tyler O’Connor says, “From a client perspective Cyberwrite provides very informative, actionable intelligence. It also benefits carriers because clients have more information about how to reduce risk and avoid a claim. Additionally, underwriters can better underwrite cyber coverage because of this kind of information mapping.”

HOW IS CYBERWRITE CHANGING THE WAY BROKERS AND AGENTS APPROACH CYBER COVERAGE?

The Cyberwrite platform gives insurance professionals another means of enhancing the customer experience through high-quality data and intuitive service. The platform also provides recommendations prioritized according to risk severity, bringing added value to the table at no extra cost to the customer. Brokers that have leveraged Cyberwrite technology to place accounts also report that claims are falling right within the platform’s estimated loss range.

Brokers can export a PDF of the report within just 30 seconds, choosing to send only the one-page report or adding additional data screens, coverage descriptions, or recommendations. Some brokers utilize the whole report, while others present only the Financial Loss Estimator or Risk Indicators. Cyberwrite gives each agent and broker the flexibility to adapt to every customer’s unique risks and needs. With an eye on both recent cyber events and the market, Tyler warns, “Cyber is no longer considered electable coverage. Over the last couple of years, it has moved from the back of the proposal to the front because it’s becoming a key discussion with clients. Ransomware is epidemic and even those with security measures in place can fall victim to a cyber incident. Cyber coverage isn’t just for big companies or those that handle massive amounts of data. It works to protect a wide variety of businesses, big and small, against financial loss due to business interruption, extortion, and cybercrime.”

Only 11% of businesses surveyed reported concern about cyberattacks threatening their supply chains, while 88% reported dependence on third-party suppliers. Source 2

HOW DOES CYBERWRITE WORK?

Over the last 4 years, Cyberwrite has utilized machine learning technology to gather a large dataset including 100,000 companies. Each insured is compared against an applicable subset within that database. Using advanced analytics and actuarial science, the platform calculates each organization’s risk distribution and provides a risk score as well as separate risk levels for a variety of categories. Customers like HSB, Lloyd’s syndicates, and MunichRe use Cyberwrite to calculate an insured’s benchmarked risk score and estimate the financial impact of a cyberattack. Every Cyberwrite report is generated using publicly available information from online sources, making the report non-invasive and quick to create. Familiar with the cyber reports provided by a variety of carriers, Tyler says, “Cyberwrite does a good job of organizing and condensing complex data that helps clients envision their total risk cost and more confidently allocate their IT and cybersecurity investment dollars.”

Creating a Cyberwrite report is easy and takes only a few minutes. The agent or broker inserts a company’s name, web address, sector, and location into the system. The Cyberwrite algorithm then pulls 150 types of data from the insured’s website and online sources to calculate the applicable risk level, how much coverage is needed, and of what type. The sector and geography inputs provide additional information about risks inherent to particular areas or industries. It takes under 5 minutes to generate 98.5% of Cyberwrite’s reports, and the remaining 1.5% of requests that require manual verification are usually available within 24 hours. The highly visual reports include a risk bar representing the overall probability that a company will suffer a cyber incident in comparison to similar industry peers of the same size. Each coverage area is scored using a combination of industry, geographic, and customer-specific data including digital exposure, prior cyber incidents, and attack surface.

Scored Coverage Areas: Financial Theft & Fraud Cyber Extortion Data Loss Business Interruption Incident Response Regulatory & Defense Breach of Privacy 3rd Party Liability

The Financial Loss Estimator portion of the report allows agents and brokers to use customer-specific information to answer 5 questions about past cyber incidents, type of data stored, security measures, online revenue, and cybersecurity/IT employee ratios. This information generates an immediate financial impact estimate that enables businesses to choose the right cyber policy limits to fit their needs. Illustrating a customer’s aggregated estimated loss as well as their estimated probable loss for an incident based on their specific data, completely transforms the conversation between agents and clients by making the data relevant and simple.

The global cyber insurance market is expected to expand from around $8B in 2020 to just over $20B by 2025. Source 1

BOTTOM LINE

As a business owner or senior leader, making sense of cyber risks can be expensive, time-consuming, and confusing. Partnering with CRC Group, a company committed to leveraging the best technology and tools out there to help clients make smart insurance decisions, now offers the added expertise of Cyberwrite’s platform. Cyberwrite’s Risk Report is not a replacement for an on-site full assessment and the scores don’t reflect internal cyber protection because the profiles are based on external information. However, the Cyber Risk Report summarizes key information every business must understand to make informed decisions around cyber insurance policies, cyber risk exposure, and cybersecurity investments. CRC brokers can access Cyberwrite via the REDY platform and are happy to assist interested agents by creating a Cyberwrite report. Contact your local CRC Group Producer with any questions you have about how we can help your clients protect themselves as members of today’s digital economy.

Contributor

  • Tyler O’Connor is a Broker with CRC Group’s Birmingham, Alabama office where he specializes in Healthcare Professional Liability, Cyber & Technology Risk, and Management Liability. He is also Co-Director of the Cyber & Technology Practice Group and a member of the Healthcare Practice Group.

ENDNOTES

  1. Cyber insurance - Statistics & Facts, Statista, February 1, 2021. https://www.statista.com/topics/2445/cyber-insurance/
  2. Most Firms Have Some Cyber Insurance But Gaps in Coverage Remain: Survey, Insurance Journal, April 30, 2020. https://www.insurancejournal.com/news/national/2020/04/30/566784.htm
  3. Cyberattacks Now Cost Companies $200,000 on Average, Putting Many Out of Business, CNBC, October 13, 2019. https://www.cnbc.com/2019/10/13/cyberattacks-cost-small-companies-200k-putting-many-out-of-business.html