A small business owner and cybersecurity professional frustrated by the complicated cyber coverage buying process decided to take matters into his own hands – he became a cyber insurance broker.
“I wanted to solve the cyber insurance problem for small businesses,” said Serg Panfilov, CEO and founder of new Atlanta-based CyberDot, an online direct sales cyber insurance managing general agency (MGA).
Paniflov said as small businesses become more aware of their cyber risk, they are increasingly turning to the insurance market to help them mitigate their exposure. A cyber security professional who has been in the business for 25 years, Paniflov said the idea came to him through his own experience trying to find cyber coverage for his business, which he called very complicated.
“In running a small business, I had a very tough time buying cyber insurance,” he said. “I know the cyber industry and thought this would be impossible for those in small business who don’t know anything about this.”
Panfilov thus developed CyberDot in partnership with CyberLaunch, an accelerator program for information security and machine learning startups, also located in Atlanta. Since it launched earlier this year, CyberDot has partnered with several insurers, including Berkley Cyber Risk Solutions and Sompo International.
The CyberDot policy includes coverage for first and third-party risks, including data breach response, reputation income loss, business and system failure interruption, as well as cyber crime, social engineering and ransomware extortion. Small businesses can quote a policy through cyberdot.com and choose from multiple pricing options starting at $500 per policy. Limits start at about $1 million but can go up to $3 million, depending on the company. CyberDot is licensed in all 50 states and D.C.
Since small businesses are also looking for help in implementing best practices to protect their businesses from cyber threats, CyberDot has made education on potential exposures a part of its mission.
The coverage also includes access to cybersecurity firms that CyberDot has partnered with to help small business policyholders improve their cybersecurity risk.
“Even though I know cybersecurity, I know how many ways I could screw up and I can’t imagine a non-technical person being able to understand how much risk their business faces. It is something we have to really explain and advise customers on,” he said. “Insurance is one thing, but how do you also take that and put security in layman’s terms to help small businesses from an educational, recovery and mitigation standpoint?”
The company has worked with its carrier partners to fine tune its application to make sure it’s taking on good risks, including looking at what controls a potential insured currently has in place. The more cyber security a company is utilizing, the cheaper a policy can be. But Paniflov emphasized that CyberDot has made sure to keep the application process “basic.”
The company plans to launch a product for agents and brokers later this year and is looking to partner with additional carriers to provide more choices because “that’s what the customer wants,” Paniflov said.
Paniflov said launching an insurtech startup has turned out be tougher than he anticipated given the challenges of state-by-state regulations and what he calls an inability to innovate in the insurance world. But CyberDot has already sold several policies and is “here for the long term.”
He said a challenge for the company going forward will be overcoming the cyber risk knowledge gap among small businesses. However, he sees a lot of potential in the small business cyber market because of that knowledge gap, especially as government regulations around this issue change.
“The stupidest things you don’t even think about can expose your customers and put [small businesses] at risk,” he said. “Your customers provided data to you and you are going to be liable [for a breach].That’s a message we need to really convey to our customer base.”