The average ransomware loss hit $353,000 this year 📈

Cyber Savvy Broker: Megan Griffanti

Cyber savvy broker: Megan Griffanti

As technology transforms the economy, businesses of all sizes have to navigate a new kind of risk: digital risk.

The most successful brokers will need to be prepared to help their clients navigate these complex risks. Our "Cyber Savvy Broker" series highlights forward-thinking brokers with the knowledge and skills to help their clients navigate this digital transformation.

Megan Griffanti has worked in risk management for more than a decade. She graduated from the University of Mississippi with a bachelor’s degree in Risk Management & Insurance and then joined AHT Insurance — a Baldwin Risk Partner — almost nine years ago. Megan shares the skills she believes are essential for being a tech-savvy broker in today’s market, how to provide the right guidance to clients, and what she looks for from insurance carriers in a partnership for her insureds.

What are some essential skills for brokers quoting cyber insurance at a time when cyber threats are seemingly unending? 

First, it's being proactive with clients, knowing their exposures or vulnerabilities, making them aware of these, then finally providing a resolution for them. Specifically for cyber — about five years ago, we were automatically including cyber liability quotes with all insurance renewals as a recommendation because we realized this was a gap in coverage for our clients. Now, we’re constantly reminding all insureds it’s not a matter of if but when an incident occurs since the frequency and severity of claims are only continuing to increase. 

Being an insurance broker is essentially two-sided: you’re the agent focused on policy language and renewals, but also you’re a risk manager and advocate for your insureds.

What skills do you believe are essential to navigate the hard market, and what skills have you gained from collaborating with cyber insurance providers?

With Coalition, we realize the true value of the Cyber Risk Assessment. With every quotation we provide to our clients, we’re including the results of the assessment, so they learn about this report as a resource. We’re notifying insureds of their vulnerabilities and providing various recommendations on how to address these risks through the assessment.  

Another skill is being fully transparent with insureds. The cyber insurance market is crazy right now; we should stay ahead and prepare insureds for what their true cost will be so they can budget accordingly. We're also notifying clients that some insurance carriers are restricting their underwriting capacities. As brokers, we should be proactive with our communication and deliver this message to our insureds ahead of time so they can prepare. Additionally, we're forewarning insureds on contingencies, such as having multi-factor authentication (MFA) in place even to receive a Cyber Liability quotation or closing Remote Desktop Protocol (RDP).

We should advocate for our clients so they can better expect what their quote or renewal will cost, as well as try to help them mitigate their risks.

What are your policyholders and prospective clients saying are their biggest concerns regarding cyber risk? 

Specifically for the manufacturing industry, their main concern is having their operations shut down for a period of time due to a disruption or cyber incident. We know after incidents like Colonial Pipeline, cyber risk isn't just a digital risk. Threat actors have shifted their intentions from stealing data to disrupting critical infrastructure, and many do so through easily exploitable pathways.

Computers control all communications and processes nowadays, so this makes anyone at risk of being attacked, especially now for the manufacturing and industrial industries since the lines between information technology (IT) and operational technology (OT) are continuing to blur. Having manufacturers' operations shut down for several days due to their systems being locked by ransomware would be a huge loss of revenue for our clients and can have major supply chain implications down the line.

What do you look for when recommending insurance partnerships to your clients? 

First and foremost, we look at the policy — what insurance truly comes down to — making sure the policy language ties back to the organization's needs. With our manufacturing clients, we look to broaden terms such as computer systems to include Industrial Control Systems (ICS) and SCADA, so there's no gray area of what is covered, demonstrating to insureds that the policy is tailored to their operations.

We also pay attention to who the panel providers are — insureds should know who is going to be assisting or defending their organization. When a cyber incident occurs, it should be clear who to call. With Coalition, we make sure our clients understand and know to call Coalition's “911” number to reach the Incident Response team.

Other insureds will call their agent, then call their carrier, then call their counsel — that's just too many parties to remediate what's happening. You want the experts at hand, and speed is critical during a cyber incident. Unfortunately, too many organizations still don't have their preparedness plan in place, so we are reminding clients that Coalition is readily available with a team in-house.

What do you think the insurance industry has done well to evolve? Where do you see areas of improvement? 

The insurance industry has evolved to many carriers taking on the insurtech persona like Coalition, offering more than just a reactive insurance policy. Compared to other insurers, Coalition has a robust team of security engineers, analysts, and an in-house response team in addition to their underwriters.

Another way the insurance industry has evolved is by recognizing the partnerships many carriers offer. For instance, Coalition has various programs and resources that are included for their policyholders, such as Curricula offering free employee security awareness training. As a broker, we want our clients to leverage these security tools or resources and really take advantage of them.

What do you see as the most significant challenges preventing the digitization of the insurance industry?

At AHT, we want to be the best advocate for our insureds. Recognizing there was a gap in clients' insurance programs, Coalition helped give us a game plan to get in front of cyber risk.

"Our insureds are now asking directly about Coalition."

For instance, every year we would recommend one of our long-time clients purchase cyber liability insurance. Unfortunately, they were attacked prior to binding insurance, and their systems were shut down for months following a cyber incident. Coalition provided a quote (even after the organization had suffered through this incident) and assisted with implementing security measures to ensure incidents like these would not happen again for our client. 

Improve your cyber knowledge with Coalition

Cyber insurance is one of the fastest-growing insurance products and a huge opportunity for brokers to grow their book of business. Coalition's Cyber Savvy program equips you with the tools and knowledge you need to deepen your cyber risk expertise and advise (and protect!) your clients. 

You can access more free Cyber Savvy Broker resources to continue your learning journey.