Cyber insurance has a valuable role to play in a company’s overall risk mitigation strategy. However, due to the challenges associated with cyber risk assessment, there is still no standard for a cyber insurance policy on the market. It is therefore easy to see how challenging it is for insurers to determine a prospective policy’s premium as well as businesses to identify their coverage needs. In an effort to close gaps in the assessment and profiling of a company’s risk profile, a search for new tech solutions is currently underway. Israel, as the cyber nation, is seen as a major player in achieving these goals, and for good reason.
The rise of a cyber startup nation
In 2017, there were 420 active cybersecurity companies in Israel. Since then, the Israeli cyber ecosystem has continued its long-term growth with a record-breaking year in investments reaching a total of US$ 815m which is equivalent to 16% of all private investment in the cybersecurity industry globally. In terms of the number of companies founded, the most dominant cyber subsectors are connected devices, IoT and control systems. Other thriving subsectors include security operations and orchestration as well as SOC (Security Operations Centers) that offer monitoring, incident response, forensics and penetration testing which are all becoming more efficient and automated. An increase in investments and startups dedicated to cyber insurance along with vulnerability and risk management are also on the rise in the region.
Market trends in an innovative arena
This flourishing tech landscape offers tangible opportunities for reinsurers to not only inform cyber startups of prevalent use cases for such cyber insurance that may not even be on their radar but also to create valuable partnerships and to build upon them. Plus, many of these companies are pre-equipped with cutting edge technologies and talents.
In fact, many of the employees with the most advanced skills come direct from a tech-trained military enlistment background. The Israeli Defense Forces continuously produce experienced personnel who very regularly transition to cyber startups. The unique advantage to this is twofold. For one, the high influx of workforce keeps the startup landscape flourishing. Additionally, their unique military tech training provides them with particular skills to understand the attacker perspective. Therefore, they are apt at developing effective and advanced cyber products to protect against hackers.
Israel’s positioning in the tech arena is unprecedented. Not only are businesses manned with top talent, but usually all tech components and data are already in position to quickly build use cases for insurance without additional R&D efforts. For reinsurers, the value of being the first to go-to-market with these startups is clear and is seen as mutually beneficial. For the insurer, the clear advantage to collaborating is a partnership tied to the most cutting-edge technologies that can then be utilised to support their underwriting teams and clients. For the new companies, an insurer’s expertise in cyber risks can help identify specific perils which may not be on the startup’s radar. Since many Israeli companies are open to partnerships and entering the new world of cyber insurance, the prospect to create a design pattern for cyber risk policies with new tech companies is excellent and a win-win. They can, in turn, leverage the insurer’s expertise and access to data sets that utilise machine learning and big data capabilities.
A change in focus is needed
In Israel, traditionally, cyber technologies were developed with a focus on large enterprises. More recently, the Israeli cyber startups landscape has become saturated while questions regarding who to work with and what technology to use often remains unresolved. Many multinational corporates are dealing with these questions and each is trying to find its unique way of evaluating the technologies by equipping themselves with the best talents and new methodologies.
With this growing demand for cyber solutions in the SME sector in recent years the insurance industry is required to swiftly adapt. Although the cyber threat landscape is the same for both SMEs and enterprises, the requirements of SMEs differ significantly. SMEs often cannot afford the adequate IT security staff, systems and protection – or they simply don’t have the knowledge to tackle these new risks effectively. It is not only about downscaling solutions originally meant for large enterprises, it’s about finding solutions tailored to the exact needs of smaller enterprises including pricing and the right technologies. Obviously, the strength of the insurance industry is not to develop the latter. This is where insurance companies and startups, who are lacking the expertise in claims handling, risk assessment and underwriting on their side, are making the perfect match.
For the Israeli startups, the main vulnerability lies in commercialisation since the local market is small and often a European or US-based sales operation is invaluable to competing with stronger domestic players. This is where an on-the-ground local re/insurer has an advantage. They have the opportunity to partner with start-ups, even before they expanded and well before they have expanded globally.
Israel as the vanguard for adapting cyber insurance
The country’s determination to adapt to tech challenges is clear and promising. The surplus of fresh talents, financing solutions and government support make it the perfect access point for reinsurers who want to work with cyber tech to expand their digital solutions while bringing a new sophistication to their tools and techniques used for evaluation. In the digital era, what else can you ask for?
Cyber insurance use case explained:
A cyber insurance policy, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), is designed to help an organisation mitigate risk exposures by off-setting costs involved with recovery after a cyber-related security breach or similar event. With its roots in errors and omissions (E&O) insurance, cyber insurance began catching on in 2005, with the total value of premiums forecasted to reach $8-9 billion by 2020. According to PwC, about one-third of US companies currently purchase some cyber insurance.