How to Sell More Cyber Insurance

Photo illustration of a cyberspace pattern.

How to sell cyber insurance:
• Thoroughly educate yourself on cyber threats and all coverage options.
• Be a cyber policyholder. This aids in communicating the value of coverage.
• Make the threat of loss from a cyber attack “real” for the customer. Identify their exposures and frame their potential loss in dollars, versus being protected. Emphasize cybersecurity as a primary business function.

Now that you’ve schooled up on the ins and outs of cyber coverage, here’s how you make the threat real for them – and make the sale.

Previously, we detailed how critical it is for independent agents to learn the finer points of cyber coverage. It’s an ideal way to not only protect your client, but also protect you from E&O exposure – and can boost your premium.

Once an agent becomes savvy enough to identify their clients’ potential for loss, the ins and outs of cyber policies, and the types of information that underwriters will need, only then can they make an expert pitch to see that their customers are protected.

Like any other peril, the threat of loss from a cyber attack has to be made “real” for the client; the agent must paint a picture of the broader exposures. Real-life examples of cyber events taken from the headlines are useful, such as T-Mobile’s September 2023 data breach in which 89 gigabytes of data primarily related to T-Mobile employees, including e-mail addresses and partial Social Security Numbers, were posted on a hacker forum – or the 2022 breach suffered by the Red Cross in which more than half a million records were compromised  including documents that the Red Cross classed as “highly vulnerable.”

It’s not an exaggeration to say that if a small to midsized business gets locked out of its system as the result of a data breach, the ensuing financial damage suffered could be the difference between staying in business and shutting down for good.

Once the basic understanding of the wider threat is understood, the gravity of the exposure can be laid bare for the client. Does the business handle payment data? Does the state in which the business is based require notification to customers if their information is compromised? If it does (and many do), those notification costs alone could prove costly – to say nothing of the business’ reputational loss.

Putting the potential loss in dollars and cents for the client, versus the cost of having the right coverage in place, can go a long way in making the sale.

Demonstrating to your carrier partners that the client is a good risk is paramount, particularly when trying to keep the cost of coverage affordable. Underwriters will want to know what steps the insured has already taken to protect themselves, such as using multi-factor authentication (MFA), endpoint detection and response (EDR) tools to detect and mitigate cyber threats, and backups held in a separate, secure location which require MFA for access.

Renaissance Alliance members have access to more than 45 standard carriers and over 100 markets in total. Learn here how your agency can greatly expand your placement options. 

Practice What You Preach

If the client still insists on foregoing cyber cover once the agent has made their case, the insured should be asked to sign a document that states the coverage was offered, but the customer is opting to remain uninsured against a cyber loss. Not only can this change the mind of a cautious business owner, but it also protects the agent against possible Errors & Omissions exposure.

If a commercial client suffers a breach and finds out that they’re not covered for a cyber loss under their General Liability policy or their BOP coverage (as many of them might assume), that client can then rightfully demand to know why they weren’t presented with an option to protect themselves. At best, the agency might lose the client; at worst, they can be sued.

The ace in the hole for cyber-selling agents, however, is being a cyber-insurance policyholder. This is something that many agents also lack, much to their detriment.

“Agents will say, ‘I don’t need cyber because I’m already protected by my IT service provider, they address that,’” says Tom Wetzel, an agency consultant on cybersecurity and whose firm Thomas H. Wetzel & Associates is partnering with PIA National to offer its exclusive cyber risk assessment to independent insurance agents. “Well, IT service providers are not always equipped to handle cybersecurity challenges. Some are, and that’s a good thing. But it goes way beyond having a good firewall.”

It’s equally naïve for agents to believe that they’re immune to a cyber breach. All it takes is for one employee to open a phishing e-mail, click on a link they think is legitimate, and bam – their agency’s system is infected with malware. Imagine getting locked out of your agency’s computer system for at least a week or two while a ransom is negotiated with the perpetrator, on top of the expense and hassle of securing a firm to do that for you.

Whether you’re selling cyber or buying it yourself – and you most definitely should – it’s smart to think of cyber exposure as “the great equalizer,” because all of us, whether it be individuals or businesses, are potential targets. As Wetzel puts it, “Cyber exposure is different from other perils in that it affects everyone. We’re all vulnerable in the digital ecosystem.

“Cyber security has to be a topic that’s discussed all the time. It has to be a primary business function,” he adds. “If you’re going to bill yourself as a trusted advisor and fulfill that duty, you have to guide them in protecting themselves. Make the strongest possible case for it.”

Especially when it comes to cyber insurance, an ounce of prevention is well worth a pound of cure.

Download our free e-book here: The Independent Agent’s Playbook for Success – How to Solve Your Agency’s Five Biggest Challenges 

About Renaissance

Renaissance provides market access, placement services, technology and resources for independent insurance agents that want to grow their business and maximize efficiency.

More Insights

Subscribe

Start the conversation
Learn more about membership

Renaissance is a good fit for independent insurance agencies that:

NON-DISCLOSURE TERMS AND CONDITIONS

These Non-Disclosure Terms and Conditions (“Agreement”) govern the provision of information by Renaissance Alliance Insurance Services, LLC (“Renaissance”) to a prospective agency member (“Recipient”). Renaissance and Recipient Renaissance and Recipient are hereinafter referred to together as the “Parties,” and each may be referred to separately as a “Party.”

The Parties acknowledge that Renaissance may disclose to Recipient certain of Renaissance’s confidential, sensitive and/or proprietary information including, but not limited to, business, financial or technical information, in connection with the potential establishment and/or conduct of a business relationship or transaction between the Parties (the “Transaction”). In connection therewith, for good and valuable consideration, the receipt and sufficiency of which consideration are hereby acknowledged by Recipient, and as a condition of the provision of Confidential Information (as defined below) to Recipient, Recipient hereby agrees as follows:

  1. Confidential Information.Confidential Information” means any and all information provided by Renaissance to Recipient in any form, and at any time (including prior to or following the execution of this Agreement), including but not limited to any such information that (a) is related to Renaissance’s business, finances, financial information, pricing, business plans, profitability, projections, business or financial opportunities, investment strategies, other strategies, data, products, services, concepts, contacts, personnel, customers, vendors, prospects, intentions, formulas, methods, processes, practices, models, tools, computer programs, software, discoveries, inventions, know-how, negative know-how, business relationships, agreements (including this Agreement), intellectual property, trade secrets (whether or not patentable or copyrightable), trade secrets, or other confidential or proprietary information, (b) contains or is related to any communications, negotiations or proposals regarding the Transaction; (c) Recipient has either been informed, or reasonably should know, is confidential in nature; or (d) consists of or contains names, addresses or other information of any description relating to any of Renaissance’ member agencies or any of such member agencies’ customers or clients. Confidential Information shall also include any analyses, compilations, studies or other documents or materials prepared by Recipient or by any of its Representatives, that contain, rely upon, are derivative of or otherwise reflect any Confidential Information as described in the preceding sentence. The foregoing notwithstanding, Confidential Information shall not include any information which, at the time it is provided to Recipient; (i) is already known to Recipient, (ii) is then or later becomes available to the general public without violation of any requirement of confidentiality.
  1. Providing of Confidential Information. Renaissance may provide to Recipient any Confidential Information, in such manner and at such times as Renaissance may determine, to assist Recipient in evaluating, negotiating and carrying out the Transaction, but shall have no obligation to provide any, or any particular, Confidential Information to Recipient. Renaissance makes no, and disclaims any, representations or warranties regarding any Confidential Information it may provide, except as may be provided in any definitive documentation relating to a Transaction.
  1. Non-Use and Non-Disclosure; Representatives. Recipient agrees not to use any of Renaissance’s Confidential Information for any purpose other than for or in connection with the evaluation, negotiation, entering into or carrying out of a Transaction. Recipient agrees not to disclose any of Renaissance’s Confidential Information to any third party other than Recipient’s directors, officers, employees, affiliates, counsel, consultants, advisers, representatives and agents (collectively, “Representatives”) who have a reasonable need for the same in connection with the uses thereof permitted under this Agreement. Any such Representatives who are provided with any Confidential Information shall be instructed to maintain the same in confidence, and not to make any use or disclosure of the same other than as permitted under this Agreement. Recipient shall be responsible for any breach of this Agreement by any of its Representatives, to the same extent as though Recipient had committed such breach personally. Recipient agrees to use the same level of care in protecting the Confidential Information from unauthorized disclosure as it uses to protect its own confidential or proprietary information, and in any case will use no less than a commercially reasonable level of care in protecting all Confidential Information from unauthorized disclosure. The foregoing notwithstanding, Recipient shall be permitted to disclose so much of the Confidential Information as has been authorized for release by Renaissance in writing, to the persons and upon the conditions so authorized by Renaissance, in connection with the carrying out of the Transaction. Recipient shall not circumvent or seek to circumvent Renaissance’s negotiations with any third party, either by entering into discussions directly with such third party otherwise than on behalf of Renaissance, or otherwise. For purposes of this Section, each Party shall act in good faith and deal fairly with the other Party.
  1. No License; Return of Confidential Information. Recipient will not acquire any license or other rights whatsoever with respect to any of the Confidential Information by virtue of its disclosure to Recipient pursuant to this Agreement, or by virtue of any use thereof permitted hereunder. Recipient agrees to destroy or to return all Confidential Information to Renaissance, including both originals and all copies thereof (other than copies created as part of the routine backup of Recipient’s servers, or copies retained pursuant to a requirement of a governmental or regulatory authority, all of which retained copies shall be held confidential for so long as such materials are so retained), and to confirm the completion of such return or destruction to Renaissance in writing, promptly upon demand by Renaissance within the term of this Agreement. The term of this Agreement shall be for a period of five (5) years, commencing on the Effective Date set forth above. Either Party may terminate this Agreement at any time, upon written notice to the other Party, provided that the obligations of Recipient hereunder shall nevertheless survive for the period above stated, with respect to all Confidential Information provided prior to such termination.
  1. Orders Requiring Production. In the event Recipient receives a court subpoena, request for production of documents, court order or other requirement of a governmental agency to disclose any Confidential Information (a “Disclosure Requirement”), Recipient shall (unless prohibited by law) give prompt written notice to Renaissance thereof so that Renaissance may seek to challenge or limit the Disclosure Requirement. Recipient agrees to cooperate reasonably in any effort of Renaissance to limit or prevent any required disclosure of Confidential Information, provided that Recipient shall: (i) not be required to incur any expense in connection with such cooperation, and (ii) not be required to disobey any Disclosure Requirement. Recipient shall not be deemed in violation of this Agreement if it complies with any such Disclosure Requirement either after having provided Renaissance with notice thereof and a reasonable opportunity to contest the same, or if such notice is not permitted. Recipient agrees to (a) exercise reasonable efforts to disclose only the minimum amount of Confidential Information that Recipient is compelled to disclose, in the opinion of its legal counsel, and (b) request that confidential treatment (if legally permissible) will be accorded to the Confidential Information being disclosed.
  1. Injunctive Relief. Recipient acknowledges that the Confidential Information is confidential, and that disclosure or use of said information in violation of the terms of this Agreement would result in substantial and irreparable harm to Renaissance, the actual dollar amount of which damage would be impossible to determine. Accordingly, Recipient agrees that, in addition to any other remedies that may be available, in law, in equity or otherwise, Renaissance shall be entitled to seek injunctive relief against the actual or threatened breach of this Agreement or the continuation of any such breach by Recipient, without the necessity of proving actual damages and without posting bond. This provision shall not limit the right of Renaissance to seek actual damages or any other legal or equitable remedy for any breach hereof.
  1. Miscellaneous. This Agreement shall be construed in accordance with and governed by the laws of the State of Illinois, without regard to its conflicts of laws principles. Any action or proceeding against either Party relating in any way to this Agreement shall be brought and enforced only in the Federal (to the extent appropriate jurisdiction exists) and State courts located in Cook County in the State of Illinois, and the Parties irrevocably submit to the jurisdiction of such courts in respect of any such action or proceeding, and irrevocably waive any objection to venue in such courts, including but not limited to any objection that such venue is inconvenient. This Agreement embodies the entire agreement of the Parties with respect to the subject matter hereof, and supersedes all prior and contemporaneous agreements and understandings, oral or written. No amendment to this Agreement and no waiver of any provision hereunder shall be effective unless it is in writing and signed by an authorized officer of the Party against whom such amendment or waiver is asserted. No invalidity or unenforceability of any provision of this Agreement shall affect the validity or enforceability of the remaining portions hereof. This Agreement shall be binding upon, and shall inure to the benefit of, each of the Parties and their respective successors and assigns. There are no intended third-party beneficiaries of this Agreement. This Agreement does not in any way bind either Party to enter into or continue any type of business relationship with the other. Nothing in this Agreement shall prevent Renaissance from at any time disclosing any of its Confidential Information to others or negotiating with others for any purpose whatsoever. Nothing contained in this Agreement shall be construed to constitute the Parties as partners, joint venturers, co-owners or otherwise as participants in a joint or common undertaking. Recipient’s indication of assent to this Agreement via electronic means shall be equally binding and effective as an original signature hereon, and shall be deemed duly and effectively delivered if so transmitted or provided.