An international insurer was looking to underwrite a large cyber risk, using a non-standard policy. The insured company was owned by a single family and had both information technology as well as operational technology assets.
The insurer wanted comfort that they understood the true level of cyber risk within the insured organisation and how well it was being managed. They also wanted to make sure the policy was fit for purpose, and that the premium was appropriate for the risk.
MDR Cyber used a team from their cyber security practice alongside an experienced insurance lawyer. The team has experience of underwriting large-scale insurance risks from their previous roles in the insurance market. The team conducted a high-level assessment of the insured’s cyber risks and security posture, using a proprietary assessment tool. This was combined with a detailed review of the policy coverage to ensure that the policy was fit for purpose, alongside a legal review of the policy wording.
MDR Cyber were able to leverage their access to the Lloyds insurance market to discretely benchmark the proposed premium, and the market’s current perception of similar risks.
The insurer was able to negotiate a substantial premium increase, closer to the market rate for the policy. They demonstrated that the policy was a close match for the risks that the insured faced, and that the policy would respond if there was an incident.
The insurer felt comfortable that they had appropriately underwritten the policy and could demonstrate the steps they had taken to their regulator.