IT and Business Insights for SMB Solution Providers

5 Rules of the Cyber Insurance Road

Nothing about cyber insurance is predictable these days, with the partial exception of these basics. By Rich Freeman

REMEMBER the good old days when cyber insurance was cheap and readily available?

“A few years ago, if you had a pulse and an address you could get a cyber insurance policy,” says Joseph Brunsman, founder of Brunsman Advisory Group, a tech industry insurance brokerage in Arnold, Md.

Now, thanks to a tsunami of ransomware, getting coverage and using it are both significantly less predictable. Here, however, are five of the few bedrock principles still remaining.

1. Stay in your lane

You wouldn’t give a customer medical advice, would you? You shouldn’t give them insurance advice either unless you like the sound of lawsuits and regulatory fines. The moment a conversation goes beyond broad guidance on why cyber insurance matters and what it can protect against, steer your customer straight to an experienced agent.

“Just show some knowledge and some credibility, and then exit stage left,” says Justin Reinmuth, CEO and president of Techrug, a risk management and insurance firm for channel pros in Columbus, Ohio.

2. There’s no one size fits all

If you catch an agent pushing everyone to the same coverage, run.

“There is no one best policy or provider,” Brunsman says. “It’s going to depend upon a whole bunch of unique risk factors.” Your job, he adds, is to help identify those risk factors, which could be anything from the customer’s network architecture to their compliance obligations to their fat bank account, depending on what they do and in what industry.

3. Focus on fundamentals

If anything prevents your customer from getting their claim paid, it’s likely to be failure to implement basic security measures like multifactor authentication and BDR.

“You really should be using that [policy] application as an opportunity to revisit any glaring omission of controls,” Brunsman says.

4. Don’t take no for an answer

A client who refuses to put basic safeguards in place is probably not a customer you want. “The risk is just going to be too high moving forward,” Brunsman says.

The same goes for a client who refuses to buy cyber insurance, adds Reinmuth. “You don’t want their mistake to become your mistake,” he says.

5. Stay current

The four previous guidelines may be reliable, but pretty much nothing else about cyber insurance is these days, so keeping up with the latest rules, requirements, and trends is essential.

“Be flexible,” Brunsman says. “There’s really nothing you can particularly plan for as an MSP outside of understanding that you have a professional duty and an affirmative liability to suggest greater controls.”

Image: iStock

About the Author

Rich Freeman's picture

Rich Freeman is ChannelPro's Founding Editor

ChannelPro SMB Magazine

Get an edge on the competition

With each issue packed full of powerful news, reviews, analysis, and advice targeting IT channel professionals, ChannelPro-SMB will help you cultivate your SMB customers and run your business more profitably.