In 2024, businesses face a rapidly evolving risk landscape where supply chain disruptions and cyber threats have become critical concerns. These threats, including ransomware, invoice manipulation, and dependent business interruption, are not only more prevalent but are also more costly than ever before, making Business Insurance a crucial consideration for companies to mitigate these risks.
As a commercial insurance producer, understanding these risks and knowing how to educate clients about the right cyber liability coverage is essential. This blog post explores how these threats are transforming business insurance in 2024, the gaps in current coverage, and why producers must lead with cyber in their client conversations to protect both their clients and themselves.
Supply chain disruptions like those caused by Change Healthcare not only disrupt operations but can also lead to significant financial losses for businesses that rely on third-party services to function. The recent healthcare-related cyber attacks highlighted the importance of dependent business interruption coverage, which helps businesses recover from financial losses due to a supplier’s or partner’s cyber event. Without this coverage, many businesses could face catastrophic losses that might otherwise be avoided.
The CrowdStrike incident, while not a direct breach but a botched security software update, further demonstrates the impact of these third-party disruptions. It affected millions of businesses globally, showing how even the most secure companies can face severe downtime due to third-party failures. The lesson for producers is clear: ensuring that clients are covered for supply chain disruptions is more critical than ever.
Ransomware attacks have increased dramatically in recent years, with 2024 seeing a continued rise. Industries such as manufacturing, healthcare, and contractors have been particularly hard- hit by these attacks. According to recent reports, manufacturers experienced over a 1,000% increase in ransomware attacks in 2023, and this trend is continuing in 2024.
Ransomware attacks have the potential to bring an entire business to a halt. Companies without the proper cyber insurance coverage may find themselves facing millions of dollars in losses, not just from ransom payments but also from operational downtime, data recovery efforts, and damage to their reputation.
One of the most overlooked but devastating cyber risks is invoice manipulation. This form of cybercrime involves bad actors infiltrating a company’s email systems, rerouting invoices, and siphoning off payments. One recent case involved a government contractor that lost $750,000 to invoice manipulation. The hackers had infiltrated the company’s email system and rerouted payments intended for legitimate suppliers to fraudulent accounts.
This example underscores the importance of having proper cyber insurance policies that cover social engineering and invoice manipulation. Many businesses think they are too small to be targeted, but statistics show that 70% of small businesses still do not purchase cyber insurance. Without this coverage, these businesses are highly vulnerable to financial loss.
With cyber awareness at an all-time high, businesses are more aware than ever of the need for cyber insurance. In the past, many companies would scoff at the idea, thinking they didn’t need such coverage. However, after seeing countless breaches and learning about their effects, most companies now understand the value of cyber insurance.Â
Still, many businesses remain underinsured. While 70% of small businesses don’t have cyber insurance, even those that do often have insufficient coverage. Many companies only carry $1 million in cyber insurance, while the average claim in 2024 is estimated to be around $4 million. This massive gap leaves businesses exposed to potential financial ruin in the event of a major breach.
As a commercial insurance producer, it is critical to educate clients on why $1 million is no longer enough and guide them toward coverage that will actually protect them when the worst happens.
This is where producers can step in and lead with cyber. Every renewal is an opportunity to discuss the necessity of cyber insurance. Failing to offer adequate coverage or skipping the conversation altogether can open producers up to E&O (errors and omissions) exposure. To avoid this, it is essential to offer cyber on every renewal account and provide adequate coverage that meets the client’s specific needs.
Many businesses may believe they are sufficiently covered for cyber risks, but often they are not. For example, if a company only carries $1 million in cyber coverage, they are vastly underinsured. The reality is that a major cyber incident, especially one involving ransomware or a breach of customer data, can easily exceed that limit. Producers must educate clients about the importance of adequate limits, especially in industries like healthcare and manufacturing where breaches are more frequent and costly.
Many businesses also fall into the trap of relying on cyber coverage in their business owner’s policy (BOP), which often provides only minimal protection. These policies typically have low sublimits and may not cover critical exposures like dependent business interruption or system failures. Educating clients about these coverage gaps is crucial to ensuring they are adequately protected.
One of the most powerful tools producers can use to educate their clients is a coverage comparison tool. These tools allow producers to compare cyber insurance policies from multiple carriers side by side, highlighting differences in coverage, sublimits, and exclusions. For example, many BOPs may offer $100,000 or less in cyber coverage, whereas standalone policies from top cyber carriers provide millions in protection.
By showing clients where their current coverage falls short, producers can build trust and credibility while helping clients make more informed decisions about their insurance needs.
 Risk assessments are an invaluable resource for identifying vulnerabilities in a client’s cyber defenses. Tools like those provided by At Bay and Coalition offer comprehensive reports that scan a business’s digital environment for weaknesses. These scans can identify issues such as open ports, missing security patches, or outdated software—common entry points for hackers.
Once a risk assessment is completed, producers can work with clients to address these vulnerabilities, often leading to lower premiums and better coverage. In fact, some insurers offer discounts to clients who take proactive steps to improve their security posture.
 In addition to risk assessments, many insurtech providers now offer built-in security features, such as endpoint detection and response (EDR) and multi-factor authentication (MFA). These tools help clients mitigate their risk and reduce the likelihood of a cyber incident.
For example, some insurers make EDR mandatory before binding a policy, while others offer it as a value-added service. These proactive measures not only help clients avoid costly cyber incidents but also reduce the frequency of claims, which can lead to more favorable renewal terms and lower premiums in the long run.
One of the most effective ways to sell cyber insurance is through storytelling. Clients need to understand how real-world cyber incidents could affect their business. Using case studies, such as the invoice manipulation example mentioned earlier, can help clients visualize the potential impact of a cyber event on their operations.
For instance, discussing how a $750,000 invoice manipulation claim nearly crippled a government contractor can drive home the importance of having the right coverage. Real-world stories make the risks more tangible and help overcome objections.
 Producers can further enhance their sales efforts by using coverage comparison tools and vulnerability assessments during prospecting. These tools allow producers to present concrete data about a client’s current vulnerabilities and coverage gaps, making it easier to engage clients in meaningful conversations about their insurance needs.
For example, when making marketing drops, producers can use risk assessment reports to highlight specific vulnerabilities in a client’s cyber defenses, such as open ports or outdated software. This approach not only opens the door for conversations about cyber insurance but also positions the producer as a trusted advisor who can provide real value.
The growing prevalence of supply chain disruptions, ransomware, and invoice manipulation in 2024 makes cyber insurance more critical than ever for businesses of all sizes. As a commercial insurance producer, it’s your responsibility to educate clients about these risks and ensure they have the right coverage in place to protect their operations and their bottom line.
By leveraging tools like coverage comparisons and risk assessments, producers can differentiate themselves in the marketplace while helping
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.
Standing out as a commercial insurance producer can feel like an uphill battle. The hard market has intensified competition, making it more important than ever
Personal branding has become a cornerstone of career success. From networking events to LinkedIn profiles, how you present yourself can open doors to new opportunities
The insurance industry has long been defined by its structured approach to risk management, underwriting, and policy distribution. However, as the landscape continues to shift
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.
Please confirm you want to block this member.
You will no longer be able to:
Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.
Responses