Insurance, Cybersecurity and Your Business

TS: Tell you the pleasure is all mine, Steve. So can you just give the listeners a little bit of background on yourself?
SE: Of course. On a professional level, I've been working in the insurance industry for 10-plus years, over which I've been involved in many aspects of many different types of businesses, but I'm mostly real estate and construction focused.

On a personal level, I have three kids under the age of seven. So needless to say, my weeks and weekends are very, very busy.

My clients range generally from multifamily owners all the way up through industrial developers and anything in between. Retail, office, multifamily, and industrial are my main focuses up in the Northeast mostly, but we are a national firm, so dealing with clients all over the country.
TS:So needless to say, Steve, you get no sleep.
SE: Correct.
TS:All right, that sounds great. Well, listen, I'll call it on a professional level. You and I have talked in great length on cybersecurity premiums. A lot of clients are seeing massive increase in these premiums that are coming down the pipeline. What has been the leading cause of these increases?
SE: Tim, I've been thinking about this question a lot, and I get this question all the time. It's difficult to pinpoint the major leading cause, as there are many factors which come into play. But I would say the two main drivers are, number one, market correction, and then the number two, the increase in number of breaches, as well as the severity of these breaches. The last thing I'll say, and I know I only mentioned two, but the third thing is really that these hackers are getting much, much smarter in the way that they do things, which are making the insurance companies very nervous from their risk perspective.
TS:I mean, that makes a lot of sense. It's great that you also take a proactive approach with your clients. You and I have had a lot of conversations outside of this podcast. Can you tell us a story or two about some of the clients that you're currently working with or are working with in this realm?
SE: Yeah. I think you need to be very proactive in your approach, especially in my position with your clients, because you don't want to get caught with any surprises. One of the clients that I picked up pretty recently was told that they needed to put in multifactor authentication for all of their staff in order to renew their insurance premium with the current carrier. They only had about 30 days to do that, so you can imagine how difficult it might be to do multifactor authentication and take time away from your major business by having to put these kind of initiatives and protective procedures in place. But needless to say, the carriers are requiring them, so it's necessary, but you really have to get out ahead of it and understand what the insurance companies are looking for on a renewal basis. Otherwise, you're going to be having a lot of problems and having to scramble around when you really don't want to do that.
TS:Nope, and that makes a lot of sense. One of the nice things too, Steve, working with you on this is if for some reason a client really needs help in this realm, EisnerAmper actually does provide a lot of these services that can help people get there. Correct? So if there's ever a cybersecurity need, especially from implementation perspective or just reviewing systems, our internal team is very helpful in that regard. So just as something there to keep in mind.

Again, we wanted just to give a flavor for our listeners here today. Do you have any parting words for any of our listeners here in regards to the cybersecurity premiums if they're considering these things?
SE: Well, I think that the way you get the best results from a cybersecurity and cyber insurance perspective is by letting the insurance carriers become more comfortable with your company as a risk as a whole. So one of the ways you do that and a nice strategy to do that is to take a proactive approach. But beyond that, really make sure that your controls from the cybersecurity perspective are in line and always being looked at and revised and tightened up as much as possible. It sounds like your firm can do a nice job at helping my clients and prospective clients do that.
TS:Steve, what proactive approaches can business owners do?
SE: Well, it sounds kind of trite, but you need to get out ahead of this if possible. Most business owners don't like to deal with this insurance when they don't have an issue. But what I'm seeing is that you need to take a proactive approach in order to drive that cost of it down. It's not something that happens overnight. It's not something that an insurance company can give you a quote immediately. So you really have to go about 60 to 90 days out of when your insurance renewal is on the one hand. Then the other thing to do is just to really make sure that your controls are as tight as they possibly can, everything is as secure as it possibly can, because that's really going to lead to getting you the best possible deal out there and the best return on your money for what the premium is.
TS: Steve, thank you so much for this valuable information. As always, I'd like to end with a fun fact. Did you know that the very first submarine ride took place in the Passaic River?
SE: No.
TS:There you go! Thank you for listening as part of the EisnerAmper podcast series. Visit eisneramper.com for more information on this and a host of other topics, and join us for our next EisnerAmper podcast.

^{Transcribed by Rev.com}