What Defines Market-Leading Cyber Claims Management?

From Slovenia to Ecuador, these spots offer a variety of activities for solo travelers.

Recently, many leading insurers have applied transformative solutions to enhance their cyber insurance products. With the cyber insurance market projected to double to $29B by 2027, we explore what defines market-leading cyber claims management.

In this blog, we will delve into the complexities of handling cyber insurance claims, the essential skills required by claims adjusters, and the steps insurers must take to achieve excellence in cyber claims management.

The Complexity of Cyber Claims

The most comprehensive cyber insurance coverage addresses a broader range of perils than most other insurance products:

• First-party coverages: This includes damage to devices, network damage, physical property damage, and damage to digital assets. It also covers theft or damage to intangible assets, theft of funds, and costs associated with recovery, restoration, and remediation. Financial losses due to business interruption, lost business opportunities, reputational damage, ransomware, and extortion are covered. Additionally, expenses related to investigations, notifying affected third parties, and damage to intellectual property (such as patents and trademarks) are included.
  
• Third-party coverages: These encompass contractual and legal liability, regulatory proceedings, and multimedia liability. Coverage extends to civil damages, compensation, payment card loss, errors and omissions (E&O), technology professional liability, miscellaneous professional liability, and network security and privacy liability.

For a large multinational corporate business with both B2B and B2C customers, handling a potential large-scale cyber claim becomes highly complex for claims adjusters. Similar to an oil spill, cyber breaches are catastrophic, cross geographical boundaries, and evolve unpredictably. They can critically impact businesses, societies, and vital national infrastructure, such as hospitals, water systems, and airports.

The complexity extends further. Cyber insurance claims present unique challenges for today’s claims adjusters due to their intricate technical nature, involving IT systems, both tangible and intangible assets, cybersecurity protocols, digital forensics, and the constantly evolving regulatory landscape concerning data protection, AI protection, and privacy law across all jurisdictions involved.

Additionally, a cyber claims adjuster must be adept at coordinating a diverse group of specialists, such as IT forensic experts, data experts, forensic accountants, credit monitoring experts, legal breach counsel, public relations professionals, crisis management experts, and ransomware attack specialists.

The Skills of a Cyber Claims Adjuster

The skills required for a cyber claims adjuster are diverse and encompass several critical areas:

• Knowledge Requirements: A cyber claims adjuster must hold advanced, industry-recognized qualifications and often have a background in Errors & Omissions (E&O), Trade Credit, Political Risk, and/or Crisis Management. They must possess practical knowledge of both first- and third-party cyber coverages, reserving, evaluation, and risk management processes, typically gained through previous experience in cyber claims or broker advocacy.

• Experience Requirements: The industry is currently facing a shortage of skilled talent. It is crucial for adjusters to understand the roles of various experts involved in cyber claims. Practical experience is key to managing these experts effectively, ensuring rapid claim response, proper mitigation to prevent further losses, and complete claim resolution. While cyber claims have grown in complexity and volume, many adjusters come from auxiliary lines of business. A significant gap is often seen in proficiency with IT systems, cybersecurity protocols, digital forensics, and an in-depth understanding of evolving regulations and legislation regarding IT, AI, GDPR, and consumer privacy, especially when dealing with technology-based companies and bespoke insurance coverages.

• Operational Responsibilities: Cyber claims adjusters must determine the existence, cause, and scope of a breach while managing the key activities in cyber claims management. This includes selecting and managing the appropriate incident response team, assessing the breach’s impact on the customer’s business, and ensuring compliance with data protection and privacy regulations. They must also identify fraud triggers and provide feedback to underwriting risk controls and actuarial tables.

• Customer Segment Knowledge: Strong knowledge and experience with various customer segments, ranging from SMEs to large multinational corporations, is essential for a cyber claims adjuster. Since cyber insurance is still an emerging and rapidly evolving product, insurers face the challenge of determining whether to organize their cyber claims team as a dedicated line of business or integrate it into existing centers of excellence (CoEs) for SME, mid-market, and multinational clients.

 

Emerging Risks and Challenges

Determining the existence, cause, and scope of a breach is becoming increasingly complex due to the expansive coverage offered by cyber insurance, the rapid evolution of technology, and the systemic risks associated with breaches. The emergence of Generative AI (Gen AI) adds further complexity, as it enhances both the capabilities of cyber attackers and cyber defenders, leading to more sophisticated attacks on a daily basis.

The Strategic Steps for Market-Leading Cyber Claims Management

In conclusion, there are four key components that insurers must get right to become market leaders in cyber claims management:

1. Fit-for-Purpose Claims Application: Insurers need a claims management application tailored for cyber claims, capable of supporting adjusters in managing incident response teams and experts. The application should feature comprehensive master data management for the 100+ relevant cyber claims data points and expert-specific access permissions.
2. Continuous Development Programs: Insurers must invest in ongoing training and development programs to keep adjusters proficient in evolving cyber risks, technological advancements, and the opportunities and challenges posed by Gen AI.
3. Cyber Saferooms: Insurers should establish comprehensive cyber saferooms that provide a secure environment for pre-incident advice, training, incident response planning, and notification services. These saferooms must also support collaboration with independent legal breach counsel, with the right guardrails in place.
4. Real-Time Data Feedback Loops: Leading insurers implement scalable infrastructures that feed continuous data from claims back into actuarial tables and underwriting risk controls. This ensures that technical pricing is informed in real-time, based on loss history and other key variables.

By addressing these components, insurers can position themselves as market leaders in cyber claims management, prepared to handle the complexities and emerging risks of the modern cyber insurance landscape.