You can insure the previously uninsurable if you understand their risk profile.
Context:
A company in the manufacturing industry had just become an insurance client of Resilience. It was one of the first policies Resilience had issued. Before we were able to have our onboarding call, they were hit with a ransomware attack.
Problem:
This was an unusual predicament; a brand-new insured had become uninsurable before being onboarded. We quickly moved the client’s file from underwriting to our claims department and got to work. The incident was serious, and the client realized a total loss of $10M, $3M of which was absorbed by their Resilience policy.
Solution:
What we had to do became clear; to get this client back to insurability, we had to improve their security posture. We worked closely with the client’s CFO and CIO, which led to the formation of Resilience’s first major Cyber Primary Care (CPC) engagement. We helped them create and execute an incident response plan, to notify all their stakeholders and minimize the impact of the damage. Working with their executive team, we established a financial plan to share with their board to increase their cybersecurity budget. Together, we built an actionable cyber hygiene plan to rebuild their insurability.
Results:
Through implementing the cyber hygiene plan, we improved this client’s security profile and made them eligible for a strong insurance policy in 9 months. Just nine months from breach to insurability. The client’s board took our recommendations and increased their cyber security budget by 4X. This organization helped us prove that you can insure the previously uninsurable, if you understand their risk profile. We now hold quarterly meetings to engage their IT and business leaders for cyber risk management evaluation to uphold their cyber resilience.