AS THE RISK LANDSCAPE EVOLVES HOW DO INSURERS NEED TO ADAPT TO MEET THE NEEDS OF TODAY’S MAJOR CORPORATES?
Is the insurance industry innovating quickly enough to offer products that are geared towards new and emerging risks. What needs to happen in your mind?
No, in my view the industry is not innovating quickly enough and this is even more disappointing given the climate of what is a very competitive market. You would normally expect when there’s a great deal of competition in any marketplace that there would be innovation. But it just is not happening in insurance. If you take a look at one of the more recent developments in the market – cyber – while that market has developed in the last few years, it has developed very slowly. Still today there’s not a great deal of cyber-related capacity. Products are fairly expensive and it’s difficult to buy in a scheduled way because the wordings are not compatible.
From the customer side, we’re buying quite a lot of product that we probably don’t need and what we’d really welcome is a more bespoke approach, wrapping our arms around underwriters who really understand us, our business and our issues, and coming up with something that is very unique to BT. We’d probably spend as much as we do now, but it would be spent responding to the
risks that we have and less related to things that were issues some years ago and that are no longer as important to us now.
How is data and technology changing the risk landscape? Who does the risk manager need to partner with to respond best to these threats?
I see this as both a positive and a negative. The positive is that the more technology develops, the more data there is out there, the easier it is for me to store data, build my own databases and challenge my own output, and get more comfortable about our global landscape. That’s made us a lot more efficient. On the downside, as we all become more reliant on technology, when it doesn’t
work the whole organisation can grind to a halt, and this is where the cyber threat comes back in.
I think the risk manager is a bit stuck in the physical loss protections and all the old school traditional risk management – and that’s not to be overlooked – but at the same time, the really big threat is from the cyber space in terms of understanding the impacts to your business and what you can do to prevent that. The risk manager therefore needs to spend some time working with their technology team to understand single points of failure. However, often there’s a reluctance or fear that they are going to go into a space where they are uncomfortable.
Likewise, the CIOs are used to working in a box on their own, having to manage these risks and almost being an island… and they don’t easily engage by nature. So sometimes it’s quite a slow discussion, but once the relationship starts to build they understand we’re here to help.