Toggle Side Panel
Close search

How Supply Chain Disruptions and Cyber Risks are Transforming Business Insurance in 2024 – A Conversation With Zane Goldthorp

Business Risk

In 2024, businesses face a rapidly evolving risk landscape where supply chain disruptions and cyber threats have become critical concerns. These threats, including ransomware, invoice manipulation, and dependent business interruption, are not only more prevalent but are also more costly than ever before, making Business Insurance a crucial consideration for companies to mitigate these risks.

As a commercial insurance producer, understanding these risks and knowing how to educate clients about the right cyber liability coverage is essential. This blog post explores how these threats are transforming business insurance in 2024, the gaps in current coverage, and why producers must lead with cyber in their client conversations to protect both their clients and themselves.

The Year of Supply Chain Disruption

Overview of 2024 Cyber Risks

The surge in cyber attacks related to supply chain vulnerabilities has made 2024 a critical year for businesses of all sizes. Some of the largest breaches this year, including Change Healthcare, Ascension, and CDK Global, crippled entire industries, demonstrating that even businesses that are not directly targeted by a cyber attack can still suffer significant losses due to third-party vulnerabilities.

These breaches primarily affected healthcare and automotive industries, where third-party providers are often integral to day-to-day operations. When one part of the supply chain experiences a breach or ransomware attack, the ripple effect can shut down businesses for weeks. For example, the CDK Global breach affected over 15,000 auto dealerships, forcing them to revert to outdated manual processes and costing the industry over $600 million.

Impact on Business Operations 

Supply chain disruptions like those caused by Change Healthcare not only disrupt operations but can also lead to significant financial losses for businesses that rely on third-party services to function. The recent healthcare-related cyber attacks highlighted the importance of dependent business interruption coverage, which helps businesses recover from financial losses due to a supplier’s or partner’s cyber event. Without this coverage, many businesses could face catastrophic losses that might otherwise be avoided.

The CrowdStrike incident, while not a direct breach but a botched security software update, further demonstrates the impact of these third-party disruptions. It affected millions of businesses globally, showing how even the most secure companies can face severe downtime due to third-party failures. The lesson for producers is clear: ensuring that clients are covered for supply chain disruptions is more critical than ever.

The Rise of Ransomware and Invoice Manipulation

Ransomware in 2024

Ransomware attacks have increased dramatically in recent years, with 2024 seeing a continued rise. Industries such as manufacturing, healthcare, and contractors have been particularly hard- hit by these attacks. According to recent reports, manufacturers experienced over a 1,000% increase in ransomware attacks in 2023, and this trend is continuing in 2024.

Ransomware attacks have the potential to bring an entire business to a halt. Companies without the proper cyber insurance coverage may find themselves facing millions of dollars in losses, not just from ransom payments but also from operational downtime, data recovery efforts, and damage to their reputation.

Invoice Manipulation and Social Engineering

One of the most overlooked but devastating cyber risks is invoice manipulation. This form of cybercrime involves bad actors infiltrating a company’s email systems, rerouting invoices, and siphoning off payments. One recent case involved a government contractor that lost $750,000 to invoice manipulation. The hackers had infiltrated the company’s email system and rerouted payments intended for legitimate suppliers to fraudulent accounts.

This example underscores the importance of having proper cyber insurance policies that cover social engineering and invoice manipulation. Many businesses think they are too small to be targeted, but statistics show that 70% of small businesses still do not purchase cyber insurance. Without this coverage, these businesses are highly vulnerable to financial loss.

Why Every Business Needs Cyber Insurance

Business Risk

Cyber Awareness on the Rise

With cyber awareness at an all-time high, businesses are more aware than ever of the need for cyber insurance. In the past, many companies would scoff at the idea, thinking they didn’t need such coverage. However, after seeing countless breaches and learning about their effects, most companies now understand the value of cyber insurance. 

Still, many businesses remain underinsured. While 70% of small businesses don’t have cyber insurance, even those that do often have insufficient coverage. Many companies only carry $1 million in cyber insurance, while the average claim in 2024 is estimated to be around $4 million. This massive gap leaves businesses exposed to potential financial ruin in the event of a major breach.

As a commercial insurance producer, it is critical to educate clients on why $1 million is no longer enough and guide them toward coverage that will actually protect them when the worst happens.

Small Business Vulnerabilities

Even though awareness is rising, the reality is that many businesses still do not have the right cyber insurance in place. For small businesses, the danger is especially acute, with 70% of small businesses not carrying any cyber insurance at all. Even worse, many of those who do have cyber insurance are woefully underinsured.

This is where producers can step in and lead with cyber. Every renewal is an opportunity to discuss the necessity of cyber insurance. Failing to offer adequate coverage or skipping the conversation altogether can open producers up to E&O (errors and omissions) exposure. To avoid this, it is essential to offer cyber on every renewal account and provide adequate coverage that meets the client’s specific needs.

Cyber Coverage Gaps and the Need for Adequate Limits

Understanding Coverage Gaps

Many businesses may believe they are sufficiently covered for cyber risks, but often they are not. For example, if a company only carries $1 million in cyber coverage, they are vastly underinsured. The reality is that a major cyber incident, especially one involving ransomware or a breach of customer data, can easily exceed that limit. Producers must educate clients about the importance of adequate limits, especially in industries like healthcare and manufacturing where breaches are more frequent and costly.

Many businesses also fall into the trap of relying on cyber coverage in their business owner’s policy (BOP), which often provides only minimal protection. These policies typically have low sublimits and may not cover critical exposures like dependent business interruption or system failures. Educating clients about these coverage gaps is crucial to ensuring they are adequately protected.

Using Coverage Comparison Tools

One of the most powerful tools producers can use to educate their clients is a coverage comparison tool. These tools allow producers to compare cyber insurance policies from multiple carriers side by side, highlighting differences in coverage, sublimits, and exclusions. For example, many BOPs may offer $100,000 or less in cyber coverage, whereas standalone policies from top cyber carriers provide millions in protection.

By showing clients where their current coverage falls short, producers can build trust and credibility while helping clients make more informed decisions about their insurance needs.

The Role of Risk Assessments and Cyber Insurtech Solutions

Business Risk

Risk Assessment Reports

 Risk assessments are an invaluable resource for identifying vulnerabilities in a client’s cyber defenses. Tools like those provided by At Bay and Coalition offer comprehensive reports that scan a business’s digital environment for weaknesses. These scans can identify issues such as open ports, missing security patches, or outdated software—common entry points for hackers.

Once a risk assessment is completed, producers can work with clients to address these vulnerabilities, often leading to lower premiums and better coverage. In fact, some insurers offer discounts to clients who take proactive steps to improve their security posture.

The Importance of Proactive Cyber Security

 In addition to risk assessments, many insurtech providers now offer built-in security features, such as endpoint detection and response (EDR) and multi-factor authentication (MFA). These tools help clients mitigate their risk and reduce the likelihood of a cyber incident.

For example, some insurers make EDR mandatory before binding a policy, while others offer it as a value-added service. These proactive measures not only help clients avoid costly cyber incidents but also reduce the frequency of claims, which can lead to more favorable renewal terms and lower premiums in the long run.

Leading with Cyber in Sales Conversations

Storytelling and Case Studies

One of the most effective ways to sell cyber insurance is through storytelling. Clients need to understand how real-world cyber incidents could affect their business. Using case studies, such as the invoice manipulation example mentioned earlier, can help clients visualize the potential impact of a cyber event on their operations.

For instance, discussing how a $750,000 invoice manipulation claim nearly crippled a government contractor can drive home the importance of having the right coverage. Real-world stories make the risks more tangible and help overcome objections.

Leveraging Technology for Prospecting

 Producers can further enhance their sales efforts by using coverage comparison tools and vulnerability assessments during prospecting. These tools allow producers to present concrete data about a client’s current vulnerabilities and coverage gaps, making it easier to engage clients in meaningful conversations about their insurance needs.

For example, when making marketing drops, producers can use risk assessment reports to highlight specific vulnerabilities in a client’s cyber defenses, such as open ports or outdated software. This approach not only opens the door for conversations about cyber insurance but also positions the producer as a trusted advisor who can provide real value.

Conclusion

The growing prevalence of supply chain disruptions, ransomware, and invoice manipulation in 2024 makes cyber insurance more critical than ever for businesses of all sizes. As a commercial insurance producer, it’s your responsibility to educate clients about these risks and ensure they have the right coverage in place to protect their operations and their bottom line.

By leveraging tools like coverage comparisons and risk assessments, producers can differentiate themselves in the marketplace while helping

Employee

Why Employee Ownership is the Key to Sustainable Agency Growth and Talent Retention

September 4, 2025 No Comments

In an increasingly competitive commercial insurance landscape, agency owners are struggling to find long-term solutions for succession planning, talent retention, and business perpetuation. Many have considered private equity sales, others offer limited equity to top producers—but a growing number are discovering a more powerful alternative: the Employee Stock Ownership Plan (ESOP).

Read More »
Captive

Captive Insurance as a Business Continuity Plan: How Strategic Advisors Protect and Grow Their Book of Business

September 3, 2025 No Comments

In today’s competitive commercial insurance market, your book of business is under constant attack. Competitors are targeting your best accounts every day, just like cybercriminals probing a website for vulnerabilities. If you don’t have a plan to defend and grow your client relationships, you’re leaving yourself exposed.

Read More »
Sales

How to Reverse Engineer Your Sales Funnel and Crush Your Q4 Insurance Production Goals

September 3, 2025 No Comments

As we enter the fourth quarter, many commercial insurance producers begin to panic. Whether you’re behind on your goals or just trying to hit that final sprint, the Q4 crunch is real. But the producers who consistently win don’t treat Q4 as a Hail Mary. They plan with precision, reverse engineer their goals, and execute with ruthless consistency.

In this post, we’ll break down how you can reverse engineer your sales funnel, identify your revenue gaps, and finish the year stronger than you started. Whether you’re writing workers’ comp or cyber liability, these strategies apply across all middle market verticals.

Read More »
wholesale

Mastering Wholesale Partnerships: Submission Strategies, Underwriter Relationships, and Technology Tools for Middle-Market Success

August 27, 2025 No Comments

In today’s competitive insurance marketplace, middle-market agencies must leverage every available advantage to win and retain business. One of the most underutilized yet powerful resources at an agent’s disposal is the wholesale market. By establishing strong partnerships with wholesalers, agents can access capacity, expertise, and proprietary programs that are often unavailable through direct channels. However, success in the wholesale arena requires more than simply submitting risks and hoping for the best.

Read More »
Client

How AI-Powered Workflows Are Transforming Sales, Marketing, and Client Communication

August 27, 2025 No Comments

In the fast-paced world of commercial insurance, where every hour counts and every interaction matters, producers and agency owners are turning to artificial intelligence not as a replacement for human connection—but as a force multiplier. AI tools like ChatGPT are no longer just novelties or futuristic concepts. They are strategic business assets, helping commercial producers streamline workflows, scale personalization, and reclaim valuable time.

Read More »

Responses

Report

Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups
  • Message this member
  • Add this member as a connection

Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.

Report

You have already reported this .
Killing Commercial Login