Cyber threats are a problem for businesses of all sizes, but they can be particularly dangerous for small businesses that are not always able to cover the losses caused by cyberattacks.
Moreover, large Fortune companies can afford a dedicated cybersecurity team, whereas SMBs have to be mindful even when choosing an antivirus, which reiterates the importance of having a standalone cyber liability coverage to mitigate the financial damage caused by a data breach.
Nevertheless, so many small companies still underestimate the importance of having a cybersecurity policy in place, or they just erroneously think that their current insurance already covers cyber attacks.
In this interview with Asaf Lifshitz, CEO, and Founder of Sayata, we will better understand why small businesses should care about their cyber insurance policies, and how is the cybersecurity landscape evolving after the Covid pandemic.
What’s the story behind Sayata: How did it all start, and how has it changed during the years?
Sayata originally started as a software solution for assessing businesses’ cyber risk. In 2019 after extensive conversations with insurance providers, wholesale brokers, and many others in the industry, we saw a glaring hole in the way brokers find and securing business insurance, particularly cyber insurance for SMBs. This process, the “distribution channel,” we found to be surprisingly manual and time intensive for wholesalers. This led us to create the Sayata platform, a digital distribution platform built specifically for wholesale brokers where they can find insurance quotes, package them in an understandable format, and secure (a process called “binding”) coverage all from one online platform. Since we launched in early 2020, 10 insurance providers and over 120 brokerages have joined the platform.
What are your mission and values?
We want to improve every insurance broker’s working life in order to help them scale up, while doing the same for our people at Sayata. In other words, we want to create an ecosystem where we can grow together with our clients.
We like to deeply understand our challenges. We break down problems into their core elements and reason from first principles. The result is bold solutions that tackle challenges and create new opportunities.
We go at the core of every problem in order to come up with a solution and create new opportunities at the same time, and the only way to generate great ideas is to stay humble and honest.
Can you tell us a little bit about your platform? What are its key features?
We automated the entire quote-bind-issue process for wholesale brokers. Wholesalers enter a few pieces of information about an insured and get multiple quotes from leading markets, delivered in seconds. The quotes are laid out side-by-side and enclosed in a sales kit so the broker can simply forward them to the insured. The insured then selects a quote and completes the pre-filled application online. The broker then “binds” directly from the Sayata platform.
How can cyber insurance brokers help businesses get cyber insurance and stay protected?
Brokers sit in the eye of storm, perfectly positioned to help shore-up coverages for businesses in need of stemming cyber risk while concurrently ensuring that these organizations are optimizing their cyber hygiene to protect against threats and appease underwriters. Here are three areas where brokers can concretely help bridge the gap between cyber risk and SMBs.
Meeting carrier requirements
Brokers stay aware of the constant underwriting changes associated with cyber insurance. So they can communicate which cyber practices insurance providers require to give coverage.
Connect clients with preventative and breach response experts
Brokers connect businesses with legal and forensic resources that assist them in identifying gaps in their cybersecurity posture and help close those gaps before the application process. Brokers are key here as they communicate the insurance provider requirements to both the client and outside legal and forensic experts.
Secure the right coverage
Brokers are in the unique position of understanding the client’s cyber posture (as per above), their business needs, and the constantly changing underwriting criteria. As cyber coverage constantly changes to adapt to the ever-changing threatscape, brokers are keeping a pulse on product updates from carriers, allowing them to recommend the best, most relevant coverage for their clients.
How has the pandemic impacted the industry?
As we all know by now, COVID-19 came with its own share of cyber exposures. Remote work became a major security consideration. There was 400% spike in cyber attacks in 2020/2021. Further, the average total cost of a breach increased by over $100,000 per breach.
Ransomware in particular, drastically escalated. Due to the frequency of attacks and successful hacks on all sizes of companies, businesses are much more aware of the need for cyber insurance.
The problem is the current hard cyber market. A hard market is where insurance providers increase requirements for coverage and/or limit the scope of coverage. Additionally, rates also increase. This makes insurance hard to get and expensive. Cyber is experiencing a hard market, with changes moving at a fast pace. Insurance providers are changing and/or tightening coverage constantly, and/or adapting their underwriting requirements, forcing businesses to adapt by improving their cyber hygiene. Rates are concurrently skyrocketing seeing high double-digit increases quarterly.
How do you envision the future of your industry?
This is a broad question, so I’ll focus on Insurtech as part of the greater web ecosystem, as it evolves from Insurtech 1.0 to 3.0. 1.0 being the disruptors (think Lemonade, Root) that are “doing insurance better.” 2.0 are the supporters – making tech that helps mainstay insurance companies (E.g. Distribution – Bold Penguin, Sayata; Data – Planck, Verisk – multi-faceted). 2.0 is more focused on deeply understanding the needs of legacy insurance companies and helping them evolve, not supplant them.
Web 3.0, of which Insurtech is a part, is all about democratization. 1.0 was websites (read companies) communicating what THEY want. 2.0 was more free-flowing information and the ability to generate content but curated (social media). The promise of 3.0 is full accessibility to data by humans and machines that can be gathered, processed, and made sense of via AI/ML. This can profoundly affect distribution, underwriting, and claims – virtually any process in insurance. Not sure too many companies outside of blockchain are attempting this in a real way yet.
Some emerging Insurtech companies working towards the 3.0 promise are:
- Groundspeed Analytics
- Carpe Data
- Verisk is a larger company that’s been 2.0-ing it for a while.