What is a Cyber Claims Adjuster?

Cyber Claims Adjuster

Job title –  Cyber Claims Adjuster, Cyber Claims Specialist, Claims Appraiser

Description/ Responsibilities

A claims adjuster is normally the first point of contact for a policyholder who has discovered that there is a potential claim under their insurance policy, and has notified their broker or insurance company accordingly.

The job of a cyber claims adjuster is to immediately investigate the circumstances surrounding the notification of the relevant cyber incident, and confirm that such incident falls under the provisions of the insurance policy.

Assuming that it does, they will notify the insurance company or Lloyd’s syndicates accordingly, and normally receive instructions from them to proceed with the management of the claim.

The Cyber Claims Adjuster will then take steps to make sure that the immediate danger posed by the data breach or other type of crime is dealt with as quickly as possible.

This may be by authorizing the formation of an Incident Response Team, or authorizing one to act if it is already in place.

It may also mean making an interim financial payment, which would be covered under the terms of the policy, with a further settlement being made once the claim had been finalized.

cyber security jobs

The claim under a cyber insurance policy is in some ways more complex than claims under other types of insurance policies.

Not only is there a financial settlement, but there is also the management of the breach itself, and the clear up operation once it is over.

This requires the Cyber Claims Adjuster to be fully aware of the terms and conditions of the insurance policy, and to make sure that all agreements and settlements at every stage of the process are covered by the policy itself.

The claims adjuster needs to recognise the urgency of the situation, and deal with it in such a way as to reassure  the policy holder of what has been done and why, and reassure the insurance company or Lloyds syndicate that the claim is being handled in an efficient and professional manner.

A cyber claims adjuster may either belong to a specialist firm of loss adjusters who are employed on behalf of the insurance company, or they may work directly for the insurance company or Lloyd’s syndicates themselves.

In some instances, if it is a highly specialized type of cybercrime, the adjuster may be a consultant with specialist knowledge of this type of crime.

In all instances the Cyber Claims Adjuster is acting on behalf of the insurance company, either as a direct employee, agent or consultant.

Qualifications / Experience

Cyber insurance is a relatively new market, and is constantly evolving in terms of insurance companies being willing to offer it, and what is covered under a cyber insurance policy.

An adjuster needs to be fully up to date with the terms and conditions of the relevant cyber insurance policy, as well as any trends in the market which mat lead to inclusion / exclusion of certain types of risk.

A good example of this is the recent decision by Lloyd’s to exclude cyber crimes that are considered to have been state sponsored.

Because it is a relatively new market, a number of cyber insurance adjusters will either have had experience or being employed in the field of property and casualty claims.

The experience they bring with them will be especially useful as they can transfer not only their investigatory skills, but also their knowledge of the property and casualty market itself.

There are no formal qualifications for this role, but certain ones may help. These can include a bachelor’s degree, insurance qualifications and certifications, and membership of any cyber security and / or risk management associations and / or professional bodies.

The ability to network with other cyber security claims specialists, and policy formation groups is especially useful.

cyber security jobs

Hours / Shift work

On paper, this role should be a fairly standard day job, but the reality is often quite different.

Cyber Insurance claims can be discovered and reported at any time of day or night, and there is an immediate sense of urgency about the need to deal with them.

To this end a cyber insurance claims adjuster may be expected to be on call at any time of day or night.

This needs to be spelled out in any type of contract either between the insurance company and firm of adjusters, or between the insurance company and it’s employees.  Shift work may be necessary and should be specified in the employment contract accordingly.

Cyber Claims Adjuster Salary / Benefits

Salary levels may differ depending upon whether the  claims adjuster is employed directly by an insurance company or by a firm of loss adjusters.  Also whether or not the adjuster is still actively involved in property and casualty claims which can sometimes run concurrently with cyber insurance claims.

Online job sites estimate that a salary for a claims specialist is between $75,000 and $110,000, with related benefits. This can obviously rise with seniority, experience and more specialized knowledge of cyber insurance and cyber crime.

Aside from a normal benefits package, because cyber insurance is a relatively new field it is important that the company provide training in all areas of cyber security that are relevant to the employees job.

This needs to be done within company time and the employee should be listened to as to what their needs are in terms of specific training modules that would allow them to understand their role better and act in a more professional and efficient manner.

Job Location

Most job efforts will specify the physical location of the company. The nature of cyber claims adjustment means that a certain amount of time will need to be spent on clients premises, as well as virtual meetings with other parties.

This may give some flexibility to where the candidate lives, and should be discussed with the relevant insurance company or firm of loss adjusters.

Security Vetting

Some type of vetting may be needed, given that the cyber claims adjuster will have access to large amounts of sensitive data. Vetting may take place at different levels, depending upon the level of security within the company itself.