Cyber Risk

More Buyers Seek Cyber Cover

More industry sectors are increasing coverage, while more focus is placed on damage to digital assets.
By: | November 3, 2015 • 4 min read

Cyber insurance is not just for retail organizations and health care companies any longer, the latest research shows. This year, brokers have begun seeing some fairly dramatic increases in the percentage of manufacturing clients, and power and utility firms purchasing stand-alone cyber policies, according to a new report from Marsh.


The trend illustrates the fact that more clients are seeing the need to cover risks associated with their technology not working and doing damage to digital assets, said Bob Parisi, Marsh senior vice president and technology product leader.

Take-up rates for cyber programs among existing Marsh clients in the power and utilities industry more than doubled from 9 percent to 19 percent from 2014 to 2015, according to Marsh’s midyear benchmarking report.

The report also found that manufacturing client purchasing cyber coverage rose from 6 percent to 11 percent.

In the past, Parisi said, client-facing companies in the retail, health care, and finance sectors had the lead in purchasing cyber insurance to protect the privacy of their customer data. That is still the case, he noted: For instance, both new and existing Marsh health care clients were the largest purchasers of cyber coverage (41 percent) in the first half of 2015.

At the same time, however, “other businesses have begun to realize that breaches could also corrupt or destroy their software, which is an asset like a building is an asset,” he said.

“More than 60 carriers now offer stand-alone cyber insurance policies.” –Insurance Information Institute

“This is property not typically covered under a property policy,” Parisi said, “since we are talking about protecting intangible assets from a physical peril like computers at a data center not working due to a virus.

“That is a critical change in the nature of the insurance buyer and what they are thinking of,” he added.

Cyber Purchases Increase

Marsh found that overall, the number of U.S.-based Marsh clients purchasing stand-alone cyber insurance increased 32 percent in the first-half of 2015, compared to a 26 percent growth rate in the first half of 2014.

Geoffrey Allen, executive vice president, cyber and E&O practice leader, FINEX North America

Geoffrey Allen, executive vice president, cyber and E&O practice leader, FINEX North America, Willis

Other brokers are seeing similar increases. Willis, for instance, saw 37 percent growth during the first half of this year, compared to 28 percent for the same period last year, said Willis’ Geoffrey Allen, executive vice president, cyber and E&O practice leader, FINEX North America.

The sectors showing the largest growth in purchase of stand-alone cyber insurance were the education sector (an increase of 155 percent in the first half of 2015) and transportation (an increase of 150 percent).

Also increasing, said Marsh’s Parisi, are the prices paid and limits sought by cyber insurance buyers.

“On average, our limit purchase has gone up,” Parisi said. “Limits were up 18.1 percent last year and it’s closer to 21.6 percent this year, he said.

Retailers on average paid 32 percent more for cyber coverage in the first half of 2015, Marsh found, compared to average price increases of 19 percent for all other industries.

“Premium increases [for retail companies] depended on a number of variables including size, loss experience, and information security controls and practices with emphasis on tokenization and encryption.” — Geoffrey Allen, executive vice president, cyber and E&O practice leader, FINEX North America

Willis also found that premium for retailers have increased generally of late, with many customers purchasing higher limits, Allen said.

“Premium increases depended on a number of variables including size, loss experience, and information security controls and practices with emphasis on tokenization and encryption,” Allen said.

Meanwhile, a new report from the Insurance Information Institute, found that insurance carriers are getting better at providing cyber coverage.

“Insurers are issuing an increasing number of cyber insurance policies and becoming more skilled and experienced at underwriting and pricing this rapidly evolving risk,” according to the report, “Cyber Risk: Threat and Opportunity.”

Robert Hartwig President Insurance Information Institute

Robert Hartwig
Insurance Information Institute

“More than 60 carriers now offer stand-alone cyber insurance policies,” according to the III, using Marsh statistics that found that the U.S. cyber insurance market totaled more than $2 billion in gross written premiums in 2014, with some estimates suggesting it has the potential to grow to $5 billion by 2018 and $7.5 billion by 2020.

The III report also confirmed that cyber rates are firming: “Industry experts indicate rates are rising, especially in business segments hit hard by breaches over the past two years.”

On the other hand, the report found, the risk may be too much for the private insurance sector to handle.

“Some observers believe that cyber exposure is greater than the insurance industry’s ability to adequately underwrite the risk,” said the III.


“In 2014, the number of U.S. data breaches tracked hit a record 783, with 85.6 million records exposed,” it said. “In the first half of 2015, some 400 data breach events have been publicly disclosed as of June 30, with 117.6 million records exposed.”

III noted that researchers have estimated the likely cost of cyber crime to the global economy ranges between $375 billion and $575 billion.

“Cyber attacks have the potential to be massive and wide-ranging due to the interconnected nature of this risk, which can make it difficult for insurers to assess their likely severity,” said the report.

“Several insurers have warned that the scope of the exposures is too broad to be covered by the private sector alone, and a few observers see a need for government cover akin to the terrorism risk insurance programs in place in several countries,” the group concluded.

Janet Aschkenasy is a freelance financial writer based in New York. She can be reached at [email protected]

More from Risk & Insurance

More from Risk & Insurance

4 Companies That Rocked It by Treating Injured Workers as Equals; Not Adversaries

The 2018 Teddy Award winners built their programs around people, not claims, and offer proof that a worker-centric approach is a smarter way to operate.
By: | October 30, 2018 • 3 min read

Across the workers’ compensation industry, the concept of a worker advocacy model has been around for a while, but has only seen notable adoption in recent years.

Even among those not adopting a formal advocacy approach, mindsets are shifting. Formerly claims-centric programs are becoming worker-centric and it’s a win all around: better outcomes; greater productivity; safer, healthier employees and a stronger bottom line.


That’s what you’ll see in this month’s issue of Risk & Insurance® when you read the profiles of the four recipients of the 2018 Theodore Roosevelt Workers’ Compensation and Disability Management Award, sponsored by PMA Companies. These four programs put workers front and center in everything they do.

“We were focused on building up a program with an eye on our partner experience. Cost was at the bottom of the list. Doing a better job by our partners was at the top,” said Steve Legg, director of risk management for Starbucks.

Starbucks put claims reporting in the hands of its partners, an exemplary act of trust. The coffee company also put itself in workers’ shoes to identify and remove points of friction.

That led to a call center run by Starbucks’ TPA and a dedicated telephonic case management team so that partners can speak to a live person without the frustration of ‘phone tag’ and unanswered questions.

“We were focused on building up a program with an eye on our partner experience. Cost was at the bottom of the list. Doing a better job by our partners was at the top.” — Steve Legg, director of risk management, Starbucks

Starbucks also implemented direct deposit for lost-time pay, eliminating stressful wait times for injured partners, and allowing them to focus on healing.

For Starbucks, as for all of the 2018 Teddy Award winners, the approach is netting measurable results. With higher partner satisfaction, it has seen a 50 percent decrease in litigation.

Teddy winner Main Line Health (MLH) adopted worker advocacy in a way that goes far beyond claims.

Employees who identify and report safety hazards can take credit for their actions by sending out a formal “Employee Safety Message” to nearly 11,000 mailboxes across the organization.

“The recognition is pretty cool,” said Steve Besack, system director, claims management and workers’ compensation for the health system.

MLH also takes a non-adversarial approach to workers with repeat injuries, seeing them as a resource for identifying areas of improvement.

“When you look at ‘repeat offenders’ in an unconventional way, they’re a great asset to the program, not a liability,” said Mike Miller, manager, workers’ compensation and employee safety for MLH.

Teddy winner Monmouth County, N.J. utilizes high-tech motion capture technology to reduce the chance of placing new hires in jobs that are likely to hurt them.

Monmouth County also adopted numerous wellness initiatives that help workers manage their weight and improve their wellbeing overall.

“You should see the looks on their faces when their cholesterol is down, they’ve lost weight and their blood sugar is better. We’ve had people lose 30 and 40 pounds,” said William McGuane, the county’s manager of benefits and workers’ compensation.


Do these sound like minor program elements? The math says otherwise: Claims severity has plunged from $5.5 million in 2009 to $1.3 million in 2017.

At the University of Pennsylvania, putting workers first means getting out from behind the desk and finding out what each one of them is tasked with, day in, day out — and looking for ways to make each of those tasks safer.

Regular observations across the sprawling campus have resulted in a phenomenal number of process and equipment changes that seem simple on their own, but in combination have created a substantially safer, healthier campus and improved employee morale.

UPenn’s workers’ comp costs, in the seven-digit figures in 2009, have been virtually cut in half.

Risk & Insurance® is proud to honor the work of these four organizations. We hope their stories inspire other organizations to be true partners with the employees they depend on. &

Michelle Kerr is associate editor of Risk & Insurance. She can be reached at [email protected]