Ingemar has interviewed a prominent broker for Legal PII with access to the whole Professional Indemnity market. This is what he said:
“Cyber security is an area that Insurers are asking more and more questions about in respect of a firm's PII. With the Insurers pretty much on for any loss from the client account, then they will always have a keen eye on what measures a firm takes to protect the client account from both an internal and external perspective. The question of cyber security has been brought even more to the fore during the pandemic, as so many firms have had staff working from home. Therefore, Insurers are very keen to understand that a firm has the same security for their systems when being used remotely as when they are being used in the office.
There is one Insurer that now even goes as far as to make all PII quotations subject to a cyber audit. The client pays for the audit (cost ranges from £350 plus VAT to £1,000 plus VAT dependent on the firm) within their overall premium, and it involves a remote penetration test being carried out on their systems. A report is issued after the test to the client and will include system improvement requirements which the client has to implement within 90 days of the report being issued.
As for Cyber Essentials and Cyber Essentials+, then there is no direct correlation between having this and the PII premium, which is the same as something like Lexcel. However, what it does demonstrate to an Insurer is that a firm is operating to a certain standard in relation to the management of a particular risk, so they have to make fewer assumptions on that firm, and it allows them to discount the rate.
It is my understanding that there are Insurers that will offer more favourable terms to firms that have Cyber Essentials but only in respect of Cyber Liability Insurance. One insurer agrees to reduce the policy excess to Nil if the firm has Cyber Essentials as one example of concessions available on Cyber Liability policies.”
HCL can assist you in obtaining cyber security accreditations: Cyber Essentials, Cyber Essentials+ and IASME. We can also assist if you suffer a Data Breach. Finally, HCL offers a DPO service where you may buy in the services of our Data Protection Officer just for the number of hours you need a week or month, or indeed for a specific review or project. Contact us on 07887 524507, [email protected]. You can follow this link for our DPO service: https://www.hunningsconsultancy.co.uk/dpo-service-data-protection-officer/