Cyber Insurance for Small and Medium Enterprises is the fastest growing market segment in the Insurance industry¹ globally. Yet less than 20% of the Small and Medium Enterprises (SMEs) have a Cyber policy today². This proportion is extremely low given that 43% of cyber-attacks are targeted towards SMEs and more than 60% SMEs go out of business post an attack³.

To find out probable reasons, one can get into the shoes of a typical SME owner, say Oliver, 45, from Queensland (Australia). Oliver, who runs a jewelry and accessories business, is excited about online operations and is growing his digital operations. However, Oliver is worried about Cyber Security. Unlike a large business, Oliver has limited resources and knowledge in this field. A local IT vendor and a friend offers help with purchasing some security software. But Oliver is not sure if it is adequate to protect his growing business against ever-evolving online threats.  

Purchasing a Cyber Insurance policy is also an option. But Oliver understands little about insurance (indemnity) policies. It’s confusing, full with complex jargons and lacks transparency on how insurers calculate payable losses against claims.

Oliver could be just one representative amongst 2.3 Million Australian SMEs⁴ who seek complete protection, both through cyber security and insurance. However, the current market views Cyber Insurance and Protection services as discrete offers. This is a major gap and represents a great opportunity for Insurers.

Bridging the gap with Cyber Security Ecosystem     

An Insurer led Cyber Security Ecosystem (CSE) ties Cyber Insurance and Cyber Protection together to build a scalable, highly adaptive and robust digital service delivery model as depicted in Figure 1. 

Figure 1: Cyber Security Ecosystem: Broad layout, services and key players

The CSE ties Security and Insurance services from multiple service providers together and offers a tailor-made solution based on threat vectors and business needs of various SME personas. Insurers are naturally positioned to develop innovative and holistic propositions that protect their customers and help in increasing cyber resilience. Insurer’s role is more inclusive and evolves from pure risk indemnification to holistic protection.

Insurer-led CSE is a great strategic investment that helps them to differentiate, gain competitive advantage and grow their business, while at the same time increase connection and engagement with their customers.

Further, CSE offers a win-win model for each of the stakeholders as depicted in Table.

Table 1: Cyber Security Ecosystem advantage

The success strategy with Cyber Security Ecosystem   

As mentioned earlier, SMEs have distinct risk profiles and limited resources compared to large corporates. With these unique characteristics, CSEs are well-positioned to be an acceptable and the preferred mode of risk mitigation for SMEs.

Further, CSE is helpful in creating a virtuous cycle for clients and insurers by successfully collaborating risk mitigation with evolving technologies.  As insurance protection and monitoring is in-built, it helps to reduce the possibility of attacks and enhance trust between the client and the insurer.

Innovation, cross industry collaboration and efficient delivery model are three crucial success factors that will shape the end customer experience and ultimately, success of the CSE. Insurance companies need to invest in building these elements as a part of their strategy.

Two other elements that are crucial in the success of a CSE are Price Points and Go to Market plan. Pricing options need to be evolved with a considerable flexibility for the SME customers. The pricing models need to be built basis the bundled services, SME composition, industry types and number of devices covered.

Go to Market strategy will largely depend on the ability of the insurers to bring up new distribution partners i.e. resellers, IT vendors, service integrators etc. who influence the decision making by SMEs. Crafting a value proposition for each of these partners will largely determine the success of the initiative.

Towards cyber resilience

Thought leadership and execution capabilities of insurers in binding the above elements together will certainly help them gain cutting-edge market leadership in one of the biggest growth opportunities in global insurance market. Post COVID-19 pandemic, businesses will use technology at a much larger scale. Cyber risks will continue to emerge and SMEs will scout for better ways to mitigate them. The time is just right for insurers to start and build a Cyber Security Ecosystem  to reap maximum benefits. 

References

¹https://www.pymnts.com/news/security-and-risk/2019/cyber-insurance-market-expected-to-reach-15b-by-2022/  

²https://www.insurancebusinessmag.com/us/news/cyber/the-battle-for-sme-clients-in-cyber-insurance-173455.aspx

³https://www.cnbc.com/2019/10/13/cyberattacks-cost-small-companies-200k-putting-many-out-of-business.html

https://cybersecurityventures.com/60-percent-of-small-companies-close-within-6-months-of-being-hacked/

⁴https://www.asbfeo.gov.au/sites/default/files/documents/ASBFEO-small-business-counts2019.pdf

⁵https://www.gminsights.com/industry-analysis/cybersecurity-market Market estimate 2018 by  Global Market Insights, Inc. & Zion Market Estimates 

https://www.zionmarketresearch.com/news/cyber-insurance-market Zion Market Estimates

Amol Pramod Ubale

Digital Sales Head for Insurance - APAC, Wipro

He has 17 years of experience in building Digital Insurance channels for Group, Employee Benefits and Retail. Amol is currently focusing on building Cyber Insurance proposition for SME and retail customers for large P&C insurers.