Recently, many leading insurers have applied transformative solutions to enhance their cyber products. With the cyber insurance market projected to double to $29B by 2027, we explore what constitutes market-leading cyber claims management.  

In this blog we’ll delve into the complexities of responding to cyber claims, the essential skills required by claims adjusters, and the measures insurers must take to achieve excellence in cyber claims management. 

The complexity of cyber claims  

The most comprehensive cyber coverage encompasses a broader range of perils than most other insurance products: 

1. First-party coverages: This includes damage to devices, network damage, physical property damage, and damage to digital assets. It also covers damage to or theft of intangible assets, theft of funds, and costs associated with recovery, restoration, and remediation. Financial losses due to business interruption, lost business opportunities, reputational damage, ransomware, and extortion are also included. Additionally, expenses related to investigations, notifying affected third parties, and damage to intellectual property such as patents and trademarks are covered. 

1. Third-party coverages: These coverages include contractual and legal liability, regulatory proceedings, and multimedia liability. They also encompass civil damages, compensation, payment card loss, errors and omissions, technology professional liability, miscellaneous professional liability, and network security and privacy liability. 

When the policyholder of a comprehensive cyber product is a large multinational corporate business with both B2B and B2C customers, handling a potential large-scale claim becomes highly complex for claims adjusters. Cyber claims, akin to oil spillages, are catastrophic by nature, recognize no geographical boundaries, and are continuously evolving and unpredictable. Cyber breaches can critically impact businesses, societies, and essential national infrastructure, including hospitals, water and sewage systems, and airports. 

The complexity, however, extends further. Cyber claims pose unique challenges to today’s claims adjusters due to the intricate technical nature of the claims, which involve IT systems, both tangible and intangible assets, cybersecurity protocols, digital forensics, and the constantly changing regulatory and legislative landscape concerning data protection, AI protection, and privacy law across all affected jurisdictions. 

Furthermore, a cyber claims adjuster must be adept at instructing and managing a diverse group of specialists, ranging from IT forensic experts, data experts, and forensic accountants to credit monitoring experts, legal breach counsel, public relations experts, crisis management professionals, and ransomware attack experts. 

The skills of a cyber claims adjuster 

The skills of a cyber claims adjuster are multifaceted and require a detailed understanding of various aspects: 

Knowledge Requirements: A cyber claims adjuster must possess advanced, industry-recognized qualifications and typically have a background in Errors & Omissions (E&O), Trade Credit, Political Risk, and/or Crisis Management. They need practical knowledge of applying first and third-party cyber coverages, reserving, evaluations, and risk management processes, usually gained from previous roles in cyber claims or broker advocacy. 

Experience Requirements: The industry faces challenges due to a limited talent pool. It’s crucial for adjusters to understand the roles and responsibilities of various experts involved in cyber claims. Their practical experience is vital for effectively overseeing and managing these experts to ensure rapid response to claims, effective mitigation actions to prevent further losses, and complete resolution of claims. Cyber claims have grown in complexity and quantity, but many adjusters come from auxiliary lines of business. A key skill often missing is proficiency in IT systems, cybersecurity protocols, digital forensics, intangible assets, and a deep understanding of constantly evolving regulations and legislation across IT, AI, GDPR, and consumer privacy. This is particularly critical when insurance covers technology-based companies, where coverage is often bespoke and niche. 

Operational Responsibilities: Adjusters must effectively determine the existence, cause, and scope of a breach and manage key activities in cyber claims management. This includes selecting and managing the appropriate incident response team, assessing ongoing or concluded breaches, evaluating the impact on the customer’s business and assessing breaches of cybersecurity protocols. It also covers responding in compliance with current data protection and privacy regulations, identifying and responding to fraud triggers, and providing feedback into underwriting risk controls and actuarial tables. 

Customer Segment Knowledge: Proficient knowledge and experience with a range of customer segments, from SMEs to multinational and large corporate clients, are also essential for a cyber claims adjuster. Because Cyber is such a swiftly evolving product and still sub-scale to many other lines, insurers face the difficult question of whether to organize their Cyber claims team as a line of business CoE or whether to adhere to existing CoEs centred around SME, mid-market, multi-national clients etc. 

Emerging risks and challenges 

The task of determining the existence, cause, and scope of a breach is becoming increasingly complex due to the extensive coverage of cyber insurance, rapid technological and data platform evolution, the catastrophic and systemic risks associated with breaches, and the implications of Gen AI. Gen AI presents new opportunities and challenges, enhancing capabilities for both cyber attackers and defenders, leading to more sophisticated attacks almost daily.  

The strategic choices to become market-leading in cyber claims  

In conclusion, there are four key components to get right:  

1. Insurers need a claims application that supports the adjusters in effective management of the incident response team and experts. The application needs to be fit-for-purpose for cyber, which means a comprehensive master data management to orchestrate the 100+ relevant cyber claims data points as well as an expert-specific permission access to documents.
2. Insurers need a comprehensive and continuous development program to remain proficient in evolving cyber risk, technology changes and especially the opportunities and challenges that Gen AI represent. 
3. Insurers need a comprehensive cyber saferoom that provides a secure space for pre-incident advice and training, incident response planning, notification services, etc. The saferoom must have the right guardrails that support collaboration with the independent legal breach counsel.
4. Insurers need a continuous feedback-loop of claims master data that inform the actuarial tables and the risk controls in underwriting. Market-leading insurers achieve this with a scalable infrastructure and architecture, so that the technical pricing across all variables is informed in real-time based on loss history.