Today, we see a fast-growing awareness from small and mid-sized businesses (SMBs) regarding their own cyber exposure as well as their need to manage cyber risk. With the U.S. Congress and NIST paying greater and greater attention to SMBs, which after all, create more than 60 percent of the country’s new jobs, business owners are gaining several new pathways for educating themselves on the risk.
They just don’t have many places to turn to for solutions that prevent attacks, fix problems and provide financial protection.
SMBs require enterprise-class solutions that don’t require enterprise-level talent or budgets. They simply don’t have the skill, resources or, frankly, the time at their disposal to devote to cyber risk. But still, they need AND want to address this growing need. SMBs demand an affordable, turn-key solution that offers three core capabilities: risk mitigation, risk prevention and accompanying financial protection.
P&C agencies need only look at the insurance penetration numbers to see the true scale of the opportunity for their growth in this marriage of cyber insurance and cyber security technology. Cyber insurance penetration is super low for SMBs, while the vast majority of large enterprises make the investment — a huge gap that is indeed beginning to narrow.
The ability for P&C agents to quickly capture this opportunity can result in dramatic growth both through new as well as existing customers. However, a simple, easily-understood and well-priced offering is crucial. P&C agencies need the right recipe for success.
A new approach is needed
Cyber risk management is not just about technology. It requires a partnership between the IT organization and the rest of the business. With an eye on resilience as well as efficiency, SMBs can significantly improve their ability to manage cyber risk by purchasing solutions that combine cyber insurance with the latest cybersecurity technologies and services.
Transformation is clearly required in the existing distribution model for cyber insurance. A new breed of partner ecosystems needs to be developed that includes insurers, P&C agencies as well as cyber security technology and services companies. And in order to accelerate market penetration with SMBs, these new partner ecosystems need to deliver turn-key solutions via an easy, simple-to-use sales platform.
Related: Uncovering silent cyber risk
The recipe for success
P&C agencies can open many doors into new SMB customers by offering an appealing combination of risk mitigation, prevention of cyber attacks, financial protection, a simple and quick claims process, as well as education and support.
Here are a few ingredients to help rapidly penetrate the market:
P&C agencies need only look at the insurance penetration numbers to see the true scale of the opportunity for their growth in this marriage of cyber insurance and cyber security technology. (Photo: iStock)
Ingredient No. 1: Risk mitigation, or 'find it & fix it.' Through automated vulnerability identification tools, such as Artificial Intelligence-based virtual hackers, and remediation-as-a-service offerings, SMBs mitigate significant risk by removing potentially disastrous vulnerabilities.
Ingredient No. 2: Prevention of cyber attacks. Cloud-based security services can offer powerful, yet easy to use solutions that prevent cyber attacks. An example of a potentially harmful threat that must be protected against is a Distributed Denial of Service (DDOS) attack. DDoS is a cyber attack that seeks to flood a targeted resource with junk requests, and therefore either slows down or halts legitimate requests. Organization should also protect against malicious content via a Web Application Firewall (WAF).
Ingredient No. 3: Financial protection, or peace-of-mind. When the worst happens, and it’s likely that it will at some point, an SMB owner needs a means of getting back on their feet. Financial protection alongside technology can help an SMB get up and running quickly, recovering the cost of expenses such as data restoration, customer notification, public relations services, legal/professional fees, as well as data forensics.
Ingredient No. 4: A simple, quick claims process. All of the above financial protection sounds great, but it needs to be accompanied by a claims process that is fast, easy and prioritizes the customer experience. In fact, cyber security technologies actually help speed up the claims process by providing much needed information.
Ingredient No. 5: Education and support. In order for insurance agents to effectively sell cyber insurance with embedded cyber security technologies and services, they need solid training and sales enablement. Cyber security technology companies are well position to deliver the needed education — especially those with significant know-how.
The time is now
Every news story about the latest data breach and cyber attack reinforces the fact that more and more SMB owners are realizing their business could become the next victim. In today’s ever-growing threat landscape, it’s clear that SMBs represent an enormous, underpenetrated market for the marriage of cyber security and the insurance industry. Not only are SMB owners’ mindsets changing, but the approach to managing their cyber risks needs to change as well. With an approach that includes the above ingredients, P&C agents can be well positioned to develop and capture this market and open up new, renewable revenue streams while providing a truly valuable service to the core of the nation’s economy.
Robert Zimmer is vice president of strategy and business development at GamaSec (www.gamasec.com), a global provider of website security solutions for small and medium-sized businesses. He can be reached at firstname.lastname@example.org.
The views shared here are the author's own.