- Where Insurance & Technology Meet

Shopping for cyber coverage? Buyer beware

by Miki Ho, Head of Underwriting (Canada), Resilience

Changes in the cyber insurance marketplace are increasing competition among insurers, prompting more Canadian organizations to expand their search for competitive cyber coverage. With increased capacity leading to more competitive pricing and broader coverage offerings, buyers are interested in exploring their options. Seeking alternative options from new coverage can provide significant benefits, but insurance buyers should, first and foremost, look for a solution that fits their risk management and cybersecurity needs.

In the past three years, the cyber insurance market hardened as loss frequency and severity soared, particularly from ransomware attacks. Premiums adjusted considerably, in line with the changing loss environment. Before the market stabilized, insurers restricted the capacity for primary cyber layers. In addition, some cyber insurers sublimited coverage, added coinsurance requirements, and tightened conditions that would trigger coverage. It was not an easy market for risk managers and brokers to navigate, and stability in cyber insurance partners was difficult to find.

A reprieve in 2022 claims helped stabilize loss ratios, and ongoing demand for cyber coverage attracted some new insurers with new or additional cyber capacity. As a result, the cyber market has stabilized, which is driving the trend in remarketing insurance programs. Buyers in Canada and their brokers are seeking options and trying to obtain broader solutions for cyber risks. For many, it’s not just about better prices; it’s also about securing better coverage.

Looking for value

When shopping for cyber coverage from an alternative market, buyers and brokers should strive to make informed decisions. It’s worth asking questions and looking closely at the details of coverage offerings. Here are some ways to find value when shopping for cyber insurance:

  • Differentiation: A good question for buyers and brokers to ask: How is this coverage different from other cyber offerings and my current coverage? Lower premiums could be paired with more restrictive terms. Look beyond price to see how cyber policies materially differ in the coverage and risk management solutions they offer. It’s also important to understand the carrier’s approach to claims and whether you have direct access to a local vendor panel with 24/7 resources.
  • Scope of risk: How does the insurer view cyber risk, and what role does the insurance policy play in solving it? Paying claims is an important part of all policies, to be sure, but cyber is a highly dynamic risk that calls for advanced risk mitigation services. Good insurance partners focus on helping their policyholders proactively avoid claims, which can help to stabilize coverage for the longer term.
  • Services: What kinds of risk mitigation services are available? Looking at the overall value of the offering is important. For example, insurance buyers and their brokers should examine the risk management tools offered, and the insurer’s ability to help clients manage and reduce risk over time. Certain insurance providers offer ongoing solutions to scan for and identify new vulnerabilities over time. This partnership can help avoid filing a claim during the policy term avoiding a costly incident.
  • Experience: Who’s on the insurer’s team when it comes to protecting policyholders against threat actors? Buyers and brokers should look for experience in a cyber insurer’s underwriting and claims teams.

What to look for in a cyber risk partner

With these qualities in view, what should risk managers and their brokers look for in a cyber insurance partner? First is an insurer that views cyber risk holistically and therefore offers a truly different solution from others.

This approach is necessary because the cyber risk landscape remains challenging, and threat actors are resorting to novel approaches to increase extortion payments. Resilience’s Midyear 2023 Claims Report found that ransomware is entering a new era, with cybercriminals targeting vendors as a means of bypassing critical controls, conducting “big-game hunting” on larger organizations, and stealing data in encryptionless extortion attacks.

Secondly, advanced, expert cybersecurity and risk mitigation services should be an integral part of any effective cyber risk solution. Many cyber insurers rely on outside expert resources to provide these services. If a cyber insurer already has them in-house, that’s a considerable advantage to buyers and brokers.

Finally, seek an insurance partner that is committed to making its policyholders’ resilient. That means being able to prevent losses whenever possible and facilitate recovery as quickly as possible when incidents do occur. This happens when the cyber insurance solution also increases the organization’s security. The goal of any insurance product is to transfer financial risk away from an organization. For cyber threats, however, that approach alone is insufficient. Companies need to think about how to mitigate and avoid cyber losses as well, and they need a partner with the solution to help them build this level of cyber resilience.

About the Author

Miki Ho is the Head of Underwriting for Canada at Resilience Cyber Insurance Solutions Agency Canada Limited, the cyber risk solution company dedicated to helping make the world cyber resilient. Based in Toronto, he has deep experience in cyber risk management and is responsible for delivering Resilience’s cyber insurance solution throughout Canada. Before joining Resilience, he held business development, underwriting, and client executive roles in the Canadian operations of Coalition, Beazley, Allianz Global Corporate & Specialty, and Marsh Canada. He can be reached at [email protected].

About Resilience

Resilience is the cyber risk solution company that’s on a mission to help make the world cyber resilient. Founded in 2016 by experts from across the highest tiers of the U.S. military and intelligence communities, and augmented by prominent leaders and innovators from the insurance and technology industries; Resilience helps financial, risk, and information security leaders continuously improve their organizations’ cyber resilience by connecting cyber insurance coverage with advanced cybersecurity visibility and a shared plan to reinforce actionable cyber hygiene. Resilience is proud to be backed by leading technology investment firms including General Catalyst, Lightspeed Venture Partners, Intact Ventures, Founders Fund, CRV, and Shield Capital. With headquarters in San Francisco, Resilience’s team is globally dispersed, with offices in New York, Chicago, Baltimore, Toronto, London, and Dublin. Resilience offers insurance coverage through its licensed and appointed insurance agency and security services through its expert security team. For more information, visit

SOURCE: Resilience