CyberGuide - Information Security and Cyber Risk Management

The journey to become a cyber-insurance champion

By Shay Simkin, Howden Insurance Brokers

I started my insurance career in 1986 in London, studying the ACII and working in the market as a trainee. Insurance was one of the pillars of the City of London, and I always felt I had chosen a meaningful and respectable path. I valued the professionalism and the knowledge of the people I had the privilege to work with, many of whom were specialists in their fields.

It was only when I returned to Israel to open my own broking firm did I realized that, due to the nature of the market and my personal status in life (married + young child), I needed to become a generalist. In the first 10 years of my career, I was not enjoying my life as a broker and was mainly working in a survival mode. In 1997, I decided to look for a different career.

Technology always fascinated me and living in a “start-up nation” like Israel, I felt it was the right time to do something for which I felt a passion. I was on my way out of the industry, but luckily my partner stopped me and came up with the idea that I should combine my passion for innovation with insurance. Internet in Israel was just becoming more available and when I dove into the web, I discovered a new and exciting world. I then also realized this could be my opportunity to combine my knowledge in insurance and to create new and innovative products for businesses to move operations onto the web.

Through the internet I met a few people around the world that had the same interest and understood the opportunity. In 1998, I started a company called with my partner. I had renewed energy and the feeling we were about to create something new, which was thrilling. In my opinion, the insurance industry, unlike other industries that understood the need for innovation, was dormant for many decades and it was time for insurance to be disrupted.

When I started out, I had no specific background or knowledge in technology and I thought it would be impossible to develop something new. To be a true “specialist,” I needed to go back to basics. I remembered that during my search for a new career path, I came across a lecture of a very interesting person whose words surfaced again when I was developing “If you concentrate on learning a specific subject for 1-2 hours a day for 5 years, you can become a world expert in the subject.”  It was my time to become a world expert in insurance and technology.

Being a typical Israeli, I believed I would be able to shorten the distance by doing more hours per day. I signed up for every computer magazine available, went to lectures and conferences and anything which could help me understand the world of technology. When I didn’t understand something, I nagged my tech friends and even started using the web to enhance my studying.

Creating something new allowed me to travel around the world and meet some fascinating people with the same urge to build new products for the changing world. In late 1999, we started marketing a product we called “internet liability.” Back then we were ahead of the curve and it was not a great success, though it was a great learning experience.  Emerging web-based companies, called “the dot com boomers,” had more interesting and urging matters to deal with than “internet liability.” These companies were built by mostly young entrepreneurs and managing risk transfer was the last thing on their mind.

Up until 2014, cyber insurance was a niche product with no market awareness. Most sales of the product where in the U.S., driven by local regulations such as HIPPA and notification laws. However, during all this time I kept one foot strongly in the IT world knowing it would come back one day. I kept in check with the ever-evolving tech world by constantly reading and learning about the cutting-edge technology developments and centering my knowledge on the application of cybersecurity. I understood well that being a cyber broker needed a different set of skills, which fortunately I acquired over the years. To be able to have a conversation with a CISO or CIO, I needed to be equally knowledgeable on cyber risk management, cybersecurity products, and the changing landscape. I realized that in order to develop this expertise in the Howden Group, I needed to teach my fellow colleagues around the world this new language. This will empower them to reach out and feel confident when working alongside tech teams of clients.  In mid-2014, we opened the first “Howden Cyber Academy,” and over a period of 8 months we provided our global cyber team members the set of skills they need to become brokers for this emerging industry of Cyber insurance.

Since then our cyber book has grown and expanded into new territories with global demand for our innovative cyber insurance products and services. During this process, it became clear to me how important it is to supplement the cyber insurance broker, underwriters and claims specialist with deep expertise in cyber technology to create a competitive edge in the market. To become a specialist, they had to study daily (1-2 hours) as I have been doing for the past 20 years. Moreover, they must attend tech conferences and meet up with technology companies in order to be at the forefront of this ever-growing and changing ecosystem.

In the last two years, Cyber insurance has become the fastest growing product in the insurance market. Cyber insurance is the highest priority of every management and board of directors around the globe, and it will remain a key risk in the coming decades.

I have advocated in every form and on every stage over the last few years on a missionary level to say that the biggest hurdle to the development of Cyber insurance is not the market, product, or the clients. It is us, the insurance industry. We have invested only minimal efforts and resources in the set of skills needed for underwriters, claims handlers, and brokers. We can only blame ourselves for this lack of investment in talent, but I truly believe it’s not too late. In my frequent visits to London, I see a new breed of underwriters who are young, technical and knowledgeable – with motivation to learn and develop. Many of them must rely on self-motivation and personal development, which is hardly supported by employers that are in desperate need to acquire and develop such skills to meet the growing demand.

I call upon my fellow industry leaders to bring into the insurance world young and talented individuals who for years did not have the opportunity or the motivation to go into our industry.

This opportunity is not only in the cyber insurance product and services, but also in all types of insurances being disrupted such as property, casualty, aviation, marine, art, blockchain, finance, etc. One only needs to look at the most recent Allianz Risk Barometer to see that the biggest risk facing every business around the globe is cyber. Let’s change the mindset of people in our industry who still think that they can take millions of dollars of risk on their books without deeply understanding IT and OT technology. The businesses that we insure are running on connectivity and computers, and if we are to help clients manage their new risks, we must provide the complementary education needed for the next insurance generation.

Insurance is a risk transfer mechanism, and if we wish to remain relevant to our clients, we must help them identify, understand and manage those emerging risks.

These are truly exciting times for us. Let’s embrace this opportunity and evolve the training mechanism at the same pace as the products and services being developed.

I have just recently assisted a client with a very complicated cyber event, providing him with immediate incident response and successfully stopping the event. After the event, the client confirmed what I have been telling him for years: “You saved me, and I never imagined insurance could play such a vital role in my business.”

The journey to become a cyber insurance specialist started for me over 20 years ago and has helped me develop a stimulating career. After so many years, I still wake up every day with deep passion and excitement for the innovation and challenges facing our industry today. Now it is my duty to make sure others in my industry feel the same way.

About the author: Shay Simkin is the Global Head of Cyber at Howden Insurance Brokers Ltd. Contact Shay Simkin via [email protected]