AI Wisdom Ep. 21: Cyber Analytics is a Growth Opportunity for Brokers

Digital Transformation - November 18 2020

On this episode of the “AI Wisdom – Talking Innovation in Insurance” podcast, host Ron Glozman speaks with John Anderson, Client Services Manager, CyberCube about the importance of cyber insurance, the key role that commercial insurance brokers can play in educating their customers on the perils of cyber risk, and the instrumental role of analytics in the cyber risk ecosystem. Click the play button to listen or read the full transcript below.

Full Transcript

Ron: Hello, and welcome to "AI Wisdom – Talking Innovation and Insurance." On this podcast, we talk to business and InsureTech leaders about how artificial intelligence is transforming the way we buy and sell insurance. I'm your host, Ron Glozman, founder, and CEO of Chisel AI, and a strong believer in the power of AI to help people work smart and enrich their lives. So, let's get into it.

As organizations have come to terms with how to manage their remote workforce, digitally pivot manual processes, and manage their IT infrastructure remotely, a new opportunity has emerged for commercial insurance brokers. With the rise of cyber incidents like financial planning scams, ransomware, and data breaches, it is now more important than ever for organizations to ensure that they have adequate cyber insurance coverage. New tools have emerged enabling brokers to help their customers quantify cyber risk exposure and facilitate informed insurance buying needs.

Ron: I'm really excited to have John Anderson, Client Services Manager at CyberCube joining me today as we discuss the importance of cyber insurance and how commercial insurance brokers can help their customers better quantify cyber insurance exposure or cyber risk exposure and make better cyber insurance buying decisions. Welcome, John. Thank you so much for taking the time. Can you please introduce yourself?

John: As you referenced, I'm a Client Services Manager at CyberCube, and I work with a number of our clients across the cyber insurance ecosystem to help aid them in their consumption of cyber data and analytics through our cyber risk aggregation modeling and single risk insight products. Previously, I worked as a cyber underwriter for a major insurance carrier, which I believe you might be familiar with.

Ron: So, given your background, I think you have a lot of powerful insights. And obviously, the topic of the conversation today is on cyber security because there's a lot of changes on the horizon, especially given the fact that people are working from home. They might have personal laptops and devices, not going through VPN, maybe outside the company's firewalls and security. And that risk is huge and hard to quantify. So, when you think about risks and maybe let's start with email phishing scams, because they're becoming more and more prevalent. Cyber criminals are just looking for a way to find a wormhole into that IT infrastructure and, from there, do havoc. What can companies do to protect themselves from a costly breach or a ransomware attack?

John: As you've identified, phishing scams are certainly growing in popularity and we're even seeing this newer trend of what's called ransomware-as-a-service. And of course, these ransomware and malware attacks, vary in sophistication with some of the more virulent strains being tough to combat and causing increasing costs for companies. Obviously, taking some preventative measures block these attacks are important, but reality is they are not always enough. So arguably, one of the best policies a company or organization should have in place is around education and awareness of the threats around phishing emails and really social engineering. This could include formal training and even internal phishing campaign if a company is able to set it up, stress-testing the organization and its employees' ability to spot a phishing email and effectively report and block the attack. At the end of the day with an email phishing attack, employees are really likely to be the weakest link in the chain of defense.

Ron: So, when people are thinking about how they can help safeguard against this, you talked a little bit about training and education. I think training and education is a great place to start. Are there maybe specific software or technology that you've heard about that you're bullish on that is going to hopefully have a positive impact?

John: With respect to specific software programs, I'm not having one come immediately to mind for it. I know there are a bunch of prepackaged solutions out there that you can easily get for your organization. I know some more sophisticated organizations actually end up building it in-house. But there are a number of options out there. I would just start by saying something's better than nothing with a phishing program and campaign for your organization.

Ron: What do you see as the broker's role in helping their clients protect their valuable assets sort of like the third party or one degree of separation?

John: So, brokers play quite an important role in helping their clients understand cyber risk. They're already quite embedded in their customer's organization and really understand some of the different operational features that their client has and the potential risk that the company has overall extending well beyond just cyber perils. So, there's quite a bit they can do here and one thing they find themselves is having access to people in not only a risk management function, but also, they get access to people in information security sometimes, although, while this may sound of benefit the problem they find is they may be speaking to the risk manager and maybe speaking to someone in the information security department of a company but not always the case they're speaking to both and even when they are speaking to both, what they find is, these two individuals at the organization aren't always speaking the same language and don't always see eye to eye about what's at stake for the organization. So, brokers, really need to find a way to help bridge the gap and find a way to communicate cyber risk and the various cyber exposures that that organization has, using some kind of common lexicon if they can.

Ron: So John, speaking of communication and having clear communication and making sure that people are talking about the same thing, I would love for you to talk a little bit and maybe clear up some misconceptions around the concept of standalone cyber insurance and an add-on to an existing policy. What are the differences? When do you get which one? Can you shed some light on this?

John: Yes, there really is a pretty big difference between standalone policies and those add-on endorsements that you see on a BOP or CGL policy and the like.

The standalone product tends to offer a much wider trigger than those add-on policies often times with a higher limit and really coverage that spans both first-party costs and third-party liability. It's tough to generalize too much as cyber insurance policies are not created equal and are really rooted in proprietary forms from carrier to carrier.

However, with these add-on endorsements, you tend to see much more limited coverage, again, at more of a reduced limit and with a much more narrow trigger and it also might only be covering certain aspects of some first-party costs and doesn't help cover the peril at large.

Ron: So well said. I think people are going to really understand what the differences are now. Now, I hear that you recently published a report called ''The Role of Intermediaries in Placing Cyber Risk.'' Can you tell us a little bit about the report and where people can find a copy if they are interested?

John: Absolutely. So, in short with the report, we highlighted three main factors that hinder growth and really five opportunities and understandings that can help brokers capitalize on the cyber environment. We articulate that brokers hold the key to growth and that they can position themselves to unlock this growth as a trusted advisor at the centerfold of understanding cyber risk, more technical cyber terminology, some pretty complex insurance language, and understanding of broader insurance needs as well as through their partnerships with carriers. In terms of where someone can obtain a copy, if you go to our website,, and clicking on the resource tab, there should be reports available for download there.

Ron: Sounds very cool. So as cyber insurance, the landscape of cyber insurance changes, which is happening, probably faster than it ever has been before, what can brokers do to better address the emerging risks that affect them and their customers?

John: Truthfully, one of the best ways for really anyone to stay informed is to subscribe to some various news feeds on emerging trends and risk out in the market. I mean, there really is a lot out there and it can be tough to sit through all of that noise, especially not try and do all of the primary research yourself. So, I personally tend to stick to a handful of outlets and feeds. So, I'm in a unique position working for a data analytics company that consumes a lot of this raw information.

I think many brokers are already pretty good about connecting with underwriting carriers and others in the ecosystem to learn about claim trends as well as see a number of them firsthand. But knowing how challenging this is, at CyberCube, we actually tend to share a number of these articles on threat landscape and the threat landscape environment for the insurance community and post a bunch of these articles and blogs on our website, again, for those that are already interested in going there for a copy of the report.

Ron: So, when you think about the biggest challenge that is facing the industry today, if you had to name one specific challenge, what comes to mind?

John: One of the biggest challenges we found for commercial brokers is the still relatively solo sales cycle for cyber policy adoption. We actually address a few understandings and suggestions in the report I mentioned before on the role of intermediaries to help overcome this and would encourage brokers to understand that they already have many of the right tools in their tool belt to facilitate a greater adoption of insurance consumption.

Ron: I'd be curious to hear if... would you say carriers have the same problem or a different problem? And if so, what would you say the biggest problem facing carriers is?

John: For carriers, it's a slightly different problem. They're more concerned with managing profit and loss whereas brokers are really the key to the growth engine for the greater adoption of cyber risk policies.

Whereas, carriers are worried about the potential losses that will come in as well as trying to maintain a balanced portfolio. So, I would say the cyber market is still very much in a growth mode and for a lot of carriers, they're very much hungry to grow.

However, at the same time, they're trying to manage the full risk profile of their book of business and are concerned with potential aggregation events that could impact them as well. I would say in terms of a competition factor, there are a number of carriers out there in the marketplace that are offering cyber coverage and carriers are really striving to find ways to differentiate themselves from one another. They're able to do this based on those proprietary forms we were talking about and the various coverage offering that they can put forth. But then they're also trying to help differentiate themselves via some of these third-party service offerings that come along with the policy.

Now, these third-party service offerings can be both pre-breach and post-breach with the purchase of a cyber policy.

And that's really where insurance carriers are trying to show some of the most value they can to their current customers and then they're in turn trying to work with brokers to help them understand what their unique offering is and how it is that the broker can then sell and communicate that to the end buyer.

Ron: And the competition, I imagine, is fierce, as you said, and differentiation is so important. I think a lot of people and not our listeners necessarily, but outsiders looking in can give very confused. Purchasers, independent companies who may not be as sophisticated looking outside in very, very hard to tell that difference. So, I think the intermediaries, as we've talked a little bit about, have such a key role to play. There's I'd sort of call like a translation layer and feel free to jump in here, but to me it feels like a translation layer and you talked about communication being so important and making sure that people are using the same language and that's where the intermediaries come in.

John: Yes, certainly. I was mentioning before there's really a lot of complex language out there and it's not all just cyber insurance policy language, but also just understanding some of these more technical cyber security terms and naming conventions that exist out there can be a lot to digest.

For brokers, they're in a great position and opportunity to take some of those learnings and work with customers to help them understand the connection between some of these more technical cyber security phenomenon or phenomena, I should say, and the cyber policy language that's used to cover these potential perils.

Ron: Love it. We're going to take a quick 20-second break to tell you where you can find more information and insights about insurance innovation. We'll be right back.

[If you liked this episode of AI Wisdom, subscribe to our blog, Writing the Future: AI in Commercial Insurance at for feature articles, interviews, opinions, and more.]

We're back with our featured guest, John Anderson. Let's jump right into the next question. COVID-19 aside, what are some of the other trends that you're seeing in the commercial insurance space in the short term?

John: So, I'd say for the short term, we should probably break this up between catastrophic impacts and maybe more attritional-type impacts. The growing interconnectivity and digitalization of technology and really organizations' reliance on certain service providers is one such area of concern for catastrophe potential. For insurance carriers, this means the aggregation potential from certain types of events and we're already seeing this now with the increased reliance on videoconferencing.

As companies seek to be more digital, we're seeing greater reliance on the cloud and to avoid being too vague about the cloud, what I'm talking about is really the entire cloud ecosystem, not just the infrastructure level, but down to the software and platform as service providers.

In terms of more attritional impacts, I would say the growing ransomware landscape and the more attritional losses that are seen there from various recovery costs will be a continued realization for carriers in the marketplace.

Ron: I'm curious, have you seen maybe artificial intelligence or some other technologies really helping?

John: So at least for the insurance industry, I would say absolutely. It has been quite a slow adopter of technology relative to other industries and is still relying upon more analog legacy systems and approaches.

However, the winds are changing, and greater efficiencies are being seen and realized with some more digital applications and forms of communication with clients. As intermediaries with limited time and often limited resources outsourcing some of their heavy lifting to insurtechs with solutions that could be more tailored or customized to their client is a big differentiator for brokers.

At the end of the day, their clients want a more seamless risk mitigation and insurance purchasing experience. The same is true with insurance carriers and others in the insurance ecosystem as well.

Ron: That's a great way to put it. So, let's talk a little bit about customers and customer-centricity because customers at the end of the day are what we live and die by and what we stand behind and who we're there to protect. And so, customer-centricity is really...and customer service and being the best possible is really a key objective for many brokers. So how do you feel they can better align with insurtech speaking of that alignment to deliver a customer experience, a better customer experience?

John: So I think I already mentioned a few ways and it's really that customers want an easier experience and they want to find ways where the idea of purchasing cyber insurance and really understanding their cyber risk exposure is a more streamlined process. And so, anything that brokers, and really any in the ecosystem can do to help with that, is going to make the customer experience a lot better. You know, I would add to that, anything that can be done to really tailor some of the solutions and insights to the specific customer is also going to be seen as a great value add from the customer's perspective, because there is quite a lot out there on...whether it be anecdotes from various news stories, especially in the cyber insurance context around the big types of losses that can happen to some of these major organizations.

However, if you're a smaller client, that might not be as important to you or you may feel ok or you feel a little separated by it, I should say, and you want to understand what's happening to more like companies, and you want to understand how your specific and unique risk profile is going to be impacted. You want to see how, if you're buying an insurance policy, how that coverage is actually going to pick up for you at the end of the day.

Ron: Exactly. That's exactly what you need to focus on. I'd love to hear as we start to wrap up, what is a piece of innovation wisdom that you would offer to our listeners?

John: This is a great question. I would start by saying I think it's incumbent upon all of us to drive innovation.

For the insurance industry specifically, I would say that innovation requires patience and perseverance. There are a great number of opportunities to deliver value and realize efficiencies for this industry.

And despite often great resistance and the common sentiment that this is just how things are done, many have already proven how fruitful these opportunities are. I'm personally excited to see the continued changes that can be brought to this industry.

Ron: Personally, as I heard you say those words, I think it goes even beyond just like this industry. I think patience and perseverance is two of the most important skills that a person can have. I've seen many times projects where sometimes things take longer than expected. I think it's just a fact of life. and you can be so close to the end and say walk away. I think patience and perseverance, I personally very much resonate with, especially as a startup. You know, we're every day working our hardest and trying to do the best we can. Perseverance, I love that message. So, thank you, John. And so, having said that if people want to find out more about what you do and maybe download that book as we mentioned, where can they find it?

John: You can certainly find us online at again, www.cybcube, that's There are a number of resources that we have available, including the report we most recently published on the role of intermediaries as well as a number of other reports and blogs and other articles related. And then you can also find out more information about us on that website or on LinkedIn.

Ron: Awesome. Thank you so much for taking the time, John. And as always, you can find out more about Chisel at Everybody, please stay safe and we'll see you again next week.

That’s a wrap for this episode of “AI Wisdom” hosted by Chisel AI and me, Ron Glozman. Thanks for listening.

If you like our podcast and want to hear more, check us out at or tune in and subscribe wherever you get your podcasts: SoundCloud, Spotify, iTunes, Google Podcast, or Stitcher

Join us next time for more expert insights and straight talk on how AI and insurtech innovations are transforming the insurance value chain. See you on the next episode!

Browse different topics

Recent Posts