- 57% of respondents have ERM programs in place, just slightly improved over last year.
- 95% have at least some concern over the hardening P&C market (see chart below).
- 22% are not aware of changes in property risk modeling.
- 72% have not purchased network security/privacy liability policies.
The share not purchasing Cyber Risk insurance (network security, data breach, privacy, etc) is concerning. The survey was focused on larger companies, so the percentage of smaller companies not purchasing the coverage is likely higher.
The responses for not purchasing Cyber coverage were:
- 41% – their own internal IT department/controls were adequate
- 25% – they do not believe that they have a significant data exposure
Instructive was the most important factor mentioned for buying: expertise.
When respondents did purchase cyber-protection, expertise was the single-largest determinant in the purchasing decision, with 45% ranking it as number one and another 19%, number two...pricing was not the most influential factor in selecting coverage, suggesting that respondents are not simply shopping for the lowest rates, but rather are interested in comprehensive coverage and carriers that are committed to the business.
Cyber Risk coverage is not well understood, but there is more than enough information available to educate clients (see prior post here). For example, we have an approach to ease the educational challenges for retail agents and brokers, and for their customers. As a wholesale broker, we provide Cyber Risk Insurance to all types organizations through retail insurance agents and brokers.