The Next Phase in Cyber Insurance
Updated: Dec 23, 2020
Cyber claims have departed from lost laptops and basic malware claims and the industry is now realizing that it's less prepared to deal with this new reality. Our current reality is:
Claims teams are facing daily occurrences of complex claims that involve destruction and business interruption.
The severity and frequency of claims has forced claims into auto-pilot mode with limited oversight.
The knowledge gap between claims teams and the service providers has grown widely.
Claims teams are being bombarded with technical questions from insureds that they are uncomfortable answering.
New vendors who bring in new techniques and toolsets that are foreign to what claims teams have seen in the past.
This is the reality that we are now facing, a reality that may seem almost insurmountable. Enter MOXFIVE. We are positioned to help carriers fill that gap in technical expertise. MOXFIVE works in tandem with claims teams, Breach Coaches, and forensic providers to streamline the breach response process and address potential coverage issues as early as possible in the claims life cycle. The result — peace of mind for the insured and the carrier.
The following outlines just a few areas where a Technical Advisor can have a significant positive impact on the breach response process and, most importantly, the insured.
Access to Experts
A Technical Advisor should be available to insureds for the duration of their policy. With this, the insured has access to experts who can provide technical guidance on a variety of topics including the insured’s security roadmap, how to prioritize pre-breach services, input on internal projects and how they can positively impact the security posture of the organization. The Technical Advisor is with the insured for the duration of their policy, specifically before, during, and after a security event.
The Technical Advisor exists to support all key players involved in the breach response process and ensure they have everything that is needed for an efficient breach response strategy. They’re best suited to identify possible investigative rabbit holes, inefficient business recovery activities, or potential technical items / tasks that may not be aligned with the policy coverage. A Technical Advisor is able to do this as they sit above the weeds and can monitor things with a fresh perspective. Working closely with the claims teams, the Technical Advisor can flag potential issues early on to the insured so that they can work more closely with the claims teams who can provide the appropriate coverage assistance to the insured. A Technical Advisor helps calm the chaos and allows the Breach Coaches and forensic vendors to stay focused on providing the best service possible to the insured during the response efforts.
For the carriers, the Technical Advisor seamlessly integrates into the existing claims team and is a both a reference point for clarification on technical claims and a mentor to help expand the technical skill sets of the claims teams. The Technical Advisor can identify emerging trends early in their cycle and help avert large losses while others are just entering the learning curve. A good example of this is the rise in Business Email Compromises (“BEC”). These cases saw a massive increase in costs due to extensive data mining and notification services on top of an exhaustive investigation. The Technical Advisor is positioned to spot this trend, identify a solution (whether a new process or new tooling), and open access to that solution so that insureds get a better experience and the carriers mitigate unreasonable costs.
Post Event Support
Just as the start of a breach response effort is critical, so too is the ending. After a lengthy sprint, most victims want to get back to business as usual and the aftereffects of the incident can sometimes quickly be forgotten. It’s at this moment that the Technical Advisor provides massive value to the insured to help shape their security roadmap and prioritize the list of items they are looking to tackle. The support does not end there, additional follow up provides a separate check-in to see how things are progressing and gives an opportunity to answer any questions that may have popped up as the remediation efforts continue. They serve as a true advisor to the insured throughout their policy. The result — a safer, more secure insured with reduced risk to the carrier.
The cyber threat landscape continues to evolve, and we must evolve with it. It’s hard to predict the future but the trends speak for themselves. Cyber claims are increasing in both severity and frequency. The existing systems we put in place got us to where we are today, but alarms are starting to sound, and gaps are starting to widen. It’s time we upgrade the system so that we are better equipped to respond to today’s threats with a breach response process that doesn’t sacrifice quality while keeping costs reasonable.