Cyber insurance for all?
Small and medium businesses (SMBs) often lack dedicated IT staff, making it hard for underwriters of cyber insurance to understand their risk and price policies accordingly. Using traditional methods of gathering data, insurers may face a stark choice: offer insurance without truly understanding the exposure, or walk away from the opportunity. How can cyber insurance underwriters quote rapidly and accurately for SMB policies?
In this blog, Northdoor explores how underwriters may struggle to price risk for cyber security insurance policies when working with SMB customers. By deploying an automated solution to map each organisation’s security posture, underwriters can provide rapid, accurate and consistent pricing quotations.
The growing threat landscape
According to the latest Home Office statistics, 40% of businesses and 30% of charities have experienced some form of cyber breach or attack in the past 12 months.
The importance of cyber security for SMBs
While SMBs may be diminutive, the value and sensitivity of their systems and data can be disproportionately large. In the UK, even the smallest SMBs can have greater cyber security needs than many large enterprises, which is reflected by the fact that 42% have been attacked. The sector includes huge numbers of law firms, accounting firms, financial advisors and medical practices that are subject to the most stringent standards in data protection. On average, such organisations employ just a handful of people, so their internal capabilities for protecting themselves against cyber crime are likely to be extremely limited.
Real-world impact: NHS example
Although the NHS looks from certain angles like an enormous monolithic organisation, it operates as a set of semi-independent entities, many of which would qualify as SMBs. In England alone, there are almost 7,500 GP practices, many with no dedicated IT personnel, but holding some of the most valuable and sensitive data around. The Synnovis attack in June 2024 affected six foundation trusts and five primary care trusts in London.
Opportuinites and challenges in the cyber insurance market
SMBs represent a large and mostly untapped market for underwriters of cyber insurance, but also a risky one. As SMBs often seek cyber insurance simply to comply with their customers’ procurement policies, they may not go to same lengths as enterprises in providing information about their security systems and policies. Indeed, smaller SMBs without dedicated IT staff may simply not be able to answer underwriters’ questionnaires accurately.
Insurers need to understand the risk of dealing with SMBs, but neither side wants to spend significant time and money at the estimation stage. Current manual approaches to gathering information are too slow and unwieldy, leaving traditional underwriters struggling to compete with insurance-tech startups.
Northdoor’s cyber insurance solutions for underwriters
Northdoor has been working in the insurance application space for over 30 years. We have a solution to automate the generation of 360-degree cyber risk ratings, using powerful AI to map each organisation’s security posture and discover connected parties in the broader ecosystem.
Northdoor offers automated 360-degree cyber risk ratings using AI to map security postures across organizations. The result? Faster, more accurate cyber insurance quotes. Share on XIn addition to helping underwriters provide rapid, accurate, and consistent pricing quotations—especially valuable in securing SMB business—detailed ongoing risk assessments allow insurers to build closer relationships with policyholders. For more information, contact us directly.