Here in the UK I’d say we’re somewhere between “let’s talk” and “first purchaser”. Specialised cyber risk cover is still a dark art to most organisations…:
[…] “You have to think of sector as a moving feast,” he said. “Every market across the world is in a slightly different stage when it comes to purchasing cyber and it’s a peculiar and particular mix between the law, claims and buying habits.”
There are several stages to the cyber insurance sector following the implementation of new laws, Tuplin said, and the first of these is what he refers to as the ‘let’s talk stage’, where the client has been hearing about cyber and wants to know what it does and what it covers. In this stage, the client receives an indicator for the price, he said, and generally comes back saying they are not interested at that time, if they come back at all.
A period later, often between 12 and 36 months, he said, the client will come back with a renewed understanding of the importance of the cover often due to a problem at their own or a peer’s organization, or board pressure.
“That is three or four years after the law,” he said. “It takes a little bit of time for people to learn, for the brokers to learn, for the clients to learn, and then to find and get the sign off for the budget which can often be a difficult thing to do.”
The next step is the ‘first purchaser stage’, where those who are at high risk of exposure and with big enough budgets are buying the product. Finally, the ‘flush stage’ is reached, he said, where the market knows what cyber is and how it works and has a fundamental grasp on what is and is not covered. In this stage, he said, those who are at high and medium-risk are buying the product and the focus moves on to those with smaller risks or less understanding of the sector, who are either less worried about their exposure or who simply do not have the available budget.