Cybersecurity: Opportunities For Agents

CYBERSECURITY: OPPORTUNITIES FOR AGENTS

by G. Edward Kalbaugh

Federal funding for CyberSecurity is important to insurance agents for a number of reasons. Before discussing these reasons, let’s define CyberSecurity as any product or action that attempts to secure a wired or wireless network. These networks encompass a wide range of communication infrastructures, including wired and wireless internal office networks, external private networks, traditional public networks, the Internet, and the various networks used by local, state, and federal governments.

Among the various CyberSecurity products or services, virus protection is the most familiar to computer users. But for most businesses, CyberSecurity can provide a complete spectrum of risk identification, mitigation protection, and recovery requirements that focus on protecting the assets of the enterprise — assets that usually include information about the company and its customers. The professional responsibility of insurance agents puts them in an optimum position to work with clients in determining how best to protect those assets.

Insurance forms only one piece of this protection puzzle. To determine what other pieces might be required, the agent and client must apply a Total Risk Management (TRM) approach. TRM combines best-in-class experts, technology, processes, policies, and insurance to address a comprehensive cyber-risk cycle that includes risk assessment, mitigation-protection, and recovery.

Agents can — and should — participate in the TRM process with their clients, starting with risk assessment. If you don’t have knowledge and expertise in any aspect of CyberSecurity TRM, get professional assistance. For example, cyber-risk assessment must include network vulnerability and intrusion detection technology applied by specialists. Some insurers, and a number of network security companies, perform cyber risk assessment.

Once the assessment is complete and all exposures have been identified, the next phase is to implement 'mitigation protection' measures that reduce or eliminate the risk. Mitigation protection combines technology with policy and process measures that address internal people issues more than hardware issues. This is because insiders execute most security breaches. The last phase involves recovery or remediation if an exposure can’t be mitigated and the client suffers a loss.

Insurance programs that address CyberSecurity provide a wide range of coverages but don’t cover every conceivable cyber risk. So it’s wise to carefully consider all options in choosing an insurer and its cyber-risk policies. Coverages can range from Web Content Liability only, to include Professional Errors & Omissions, Network Security Liability, Cyber Extortion, Network Intangible Information Loss, Network Business Interruption, and funds for cyber-criminals and crisis communication.

The federal government expects private and public enterprises to increase protective measures against a rising tide of cyber attacks over the next several years. As an insurance professional, you’re in a position to assist your Commercial Lines clients and prospects in this defense.

Agents who learn more about CyberSecurity and establish relationships with network security firms that offer cyber-risk assessment and mitigation services will profit from additional fees and enhanced customer relationships.