While it is extremely difficult to determine how large thecyber-insurance market currently is in the U.S., conventionalwisdom points to an annual premium volume in excess of $1.2billion, and possibly as high as $1.5 billion. In any event, thepotential market is huge and expanding.

From a revenue standpoint, cyber coverages could rise to thelevel of CGL policies, especially in the small- tomedium-sized-risk sector, as everyone has a need for somecyber-liability products.

Producers are cautioned to take the time to learn what cybercoverage encompasses so they can be proactive and use the requisiteskills and knowledge to respond appropriately to clients'needs.

As of 2013, in the U.S. market alone, there were 14.72 millionself-employed businesses, including 9.41 million unincorporatedself-employed and 5.31 million incorporated self-employedindividuals. What stands out about this group is that anoverwhelming majority of these entrepreneurs utilize the Internetand many third-party vendors in their business and personalactivities. More directly, most have exposure to cybercrime and agrowing need for cyber-liability coverage.

While ISO established a standard cyber policy in themarketplace, there is large variation among carriers providingstandalone policies. There is an even wider disparity among thoseinsurance carriers providing add-on cyber coverage by endorsementto a traditional policy.

More importantly, add-on risk-management services reallydifferentiate carriers' offerings. These value-added risk controland management services can easily justify the premium differencesamong the carriers.

Most of these additional resources are developed by specialistsin the field of cyber security and then made available to thepolicyholder at no additional, or a very nominal, charge. Suchservices may include call-center and notification response,cyber-specialist attorneys, crisis-management assistance, forensicassistance, training, testing for system vulnerability and creditmonitoring. There are also pre-loss services such as a help desk orinformation portals to assist the insured in managing cyberexposure.

As the chart below illustrates, not all cyber policies arecreated equal, nor is the risk appetite standardized. Since cyberliability is a sold product and there are so many variables inexposure and need, the producer must put forth a great amount ofeffort to know what he or she is selling in order to take advantageof the growing market for cyber-liability insurance.