What Agent Who Wrote First Cyber Policy Thinks About Cyber Insurance Now
It was more than 20 years ago. The Internet as it is known today was in its infancy. Steven Haase was with an insurance agency in Atlanta focused on insuring technology companies.
“Around 1995, I saw the commercialization of the Internet. I was working with these clients and they had major exposures. I was trying to figure out what I was going to do about it,” he recalls.
The agency that started out as Network Risk Management Services is today known as INSUREtrust, a cyber liability wholesaler and Haasee is CEO.
Among his clients were several large and early Internet players; one invented online banking, one was the largest network security company. The company that invented online banking had bought a bank and started processing everything, lots of data, through the Internet.
“I’m looking at it. They have auto insurance, workers’ comp, property insurance, D&O, EPLI, but they have all this data, and all this exposure. I started shopping the marketplace to put something together. Nobody wanted to do it. There wasn’t really a good methodology for loss control, loss prevention.”
Then he got lucky.
“I happened to be at AIG visiting a friend who was president of a division, and he happened to say, ‘They gave me the task of creating a product this year, so we’ll just make yours,’ and that’s how we started.”
The policy was called Internet Security Liability Policy. Haase said he and his friend worked on the product until April of ’97.
“We went to the International Risk Insurance Management Society’s convention and launched it on April 15th of ’97. We had a big celebration in Honolulu with our famous Breach on the Beach party. We’re not sure what that is yet, but we had a Breach on the Beach party.”
About 20 people joined in the party.
And thus cyber insurance was born. In the following interview, Insurance Journal’s Andrea Wells probes what this pioneer thinks about cyber insurance now, what he regrets and sees as problems, why he thinks there is still a lot of educating that needs to be done, how the coverage and market have evolved and where he thinks cyber is headed.
Insurance Journal: After that, how long was it before carriers or other markets started to catch on?
Haase: Well, we knew there were other players out there with the same idea. They were generally about two years behind, but eventually, there were more and more carriers entering the market. We moved our business around. We did a little bit of business with ACE. We did a lot of business with Reliance National. Eventually, we wound up consolidating the program into Lloyd’s of London.
Insurance Journal: Twenty years, a lot has happened. The product has evolved tremendously. In your view, what have been some of the biggest changes since to the product and the coverage?
Haase: If I could, maybe before I talk about changes, because this’ll make more sense, it is the most confusing coverage ever. We literally talk about that at our 15 boot camps we do, as the very first thing. Most agents will readily admit that they don’t feel completely confident they can explain this coverage. It really is like explaining a manuscript package policy.
If you could imagine having 30 different manuscript package policies that you’re trying to compare, it’s very difficult. Even the words cyber liability are confusing. We came up with those words and we really regret it. Cyber means computer. Well, we cover paper files. Liability, well, we cover first party. There’s not even a simple explanation of what it is.