Thought Leadership · Written by Jeff Sharer – Risk Consultant
Rethinking the Cyber Insurance Journey for the Modern Enterprise
Cyber risk is no longer a technical issue; it’s a boardroom imperative. Yet despite the escalating frequency and severity of cyber incidents, the adoption of standalone cyber insurance among small and mid-sized businesses (SMBs) remains alarmingly low, hovering around just 4%. This gap is a strategic blind spot.
The recent SafeHouse Initiative podcast, From Risk to Recovery: Every Stop on the Cyber Insurance Journey, hosted by Jeff Edwards and Tawana Johnson, offers a timely and comprehensive roadmap for navigating this complex terrain. As someone who has spent over three decades advising global financial institutions and Fortune 500 clients on risk financing, captive strategy, and enterprise risk management, I found the conversation both validating and urgent.
Why Cyber Insurance Still Feels Optional
Many SMBs still view cyber insurance as a luxury or assume it’s covered under traditional property and casualty policies. This misconception is dangerous. As Tawana Johnson, Vice Chair of Data Privacy and Cybersecurity at Lewis Brisbois, explains, the cost of a breach can be existential. From ransomware attacks to regulatory fines and class-action litigation, the financial and reputational fallout can be devastating.
What’s more, the cyber insurance market has evolved dramatically. Applications that once fit on a single page now require detailed disclosures, and some carriers even deploy threat intelligence teams to assess applicants’ networks. This shift reflects a broader trend: cyber underwriting is becoming more data-driven, more forensic, and more aligned with enterprise risk management principles.
The Breach Coach: Calm in the Chaos
One of the most compelling insights from the podcast is the role of the breach coach—a legal quarterback who coordinates between the insured, the insurer, and digital forensics teams. This function helps provide necessary leadership under pressure.
As Johnson describes, breach coaches are often the first call a business makes during a cyber crisis. They ensure that all communications and investigations remain protected under attorney-client privilege, which is an essential safeguard in the event of litigation. But their role goes far beyond legal protection.
They are counselors, crisis managers, and advocates who help clients navigate the chaos of a breach. They coordinate with digital forensics and incident response (DFIR) vendors, negotiate with threat actors when necessary, and ensure that all expenses—from legal fees to ransom payments—are properly approved and covered by the insurer [1].
Importantly, breach coaches represent the client, not the insurance company. This tripartite relationship ensures that the business’s interests are front and center, even though the insurer pays the bill. As Johnson puts it, “We spend a lot of time with our clients helping them stay calm. We are involved with business owners on the worst day of their business life… and we’re here to help them come out on the other side” [1].
In my own consulting work—whether designing cyber risk strategies for private equity portfolios or integrating GRC frameworks into insurtech platforms—I’ve seen firsthand how critical this role is. It goes beyond responding to incidents and aims to build resilience into the DNA of the organization.
A Blueprint for the Future
The SafeHouse series outlines a full-stack approach to cyber insurance, from risk quantification and broker engagement to underwriting, claims, and litigation. It’s a model that mirrors the enterprise risk lifecycle and underscores the need for cross-functional collaboration.
For risk leaders, this is a call to action. We must:
- Educate brokers and clients on the true value of cyber coverage
- Integrate cyber risk into broader ERM and ESG frameworks
- Advocate for policies that include breach coaching, business interruption coverage, and clear claims protocols
- Prepare for the legal and regulatory implications of data breaches, including class-action and coverage litigation
Final Thoughts
Cyber insurance is not a silver bullet, but it is a strategic lever. When thoughtfully structured and integrated into a broader risk strategy, it can be a powerful tool for protecting enterprise value.
As we continue to navigate the digital frontier, let’s move beyond reactive thinking. Let’s build systems, cultures, and partnerships that are proactive, resilient, and ready for what’s next.
References

Jeff Sharer – Risk Consultant
Jeff is a seasoned risk management advisor to several Private Equity firms, covering investment themes from energy and healthcare to infrastructure and real estate. His expertise spans operational and business risks, transactional risks, and claims and litigation. Jeff specializes in translating operational risks, such as cybersecurity, into actionable business metrics for informed decision-making. In addition to his advisory role, Jeff is VP of User/Product Experience at LineSlip. In this role, Jeff is responsible for enhancing the client experience through the lens of a risk manager. With over twenty years of experience, Jeff has held positions at Goldman Sachs, Marsh & McLennan, Towers Watson, and EY. He holds degrees from Moravian College and PACE University’s Haub School of Law.