The current cyber insurance landscape in Ireland – A conversation with Shane Barry, Head of Cyber at DUAL Underwriting Ireland DAC

Cyber insurance is a hot topic of conversation in the insurance industry now. Cyber attacks are becoming increasingly more sophisticated. The most recent M&S cyber attack, which gained significant media coverage, is expected to cost the company up to £300 million in operating profits this year.1 As a result, more and more companies are becoming vigilant about their cybersecurity. With that in mind, we decided to catch up with our Head of Cyber, Shane Barry, to chat about the cyber insurance landscape in Ireland. 

Tell us a little bit about yourself and your experience to date: 

Originally from Cork, I completed a Business Studies degree in UL, majoring in Insurance & Risk Management. As part of the degree, I undertook Co-Op work experience in the PI section of Coyle Hamilton (now Willis) in Dublin. I moved back to Dublin shortly after graduating in 1999 and took up my first PI underwriting role with The St. Paul (now Travelers) where I first learned the value of underwriting discipline.

From there, I moved to Chubb where I spent over 13 years, gaining valuable experience across a variety of sectors and Financial Lines products and learning the importance of fully understanding the risk that you are insuring and the needs of the customer so that you can provide the best solutions for them. It was also here that I had my first introduction to Cyber insurance around 2013/2014. It was very much a niche product then and the underwriting process was very different to what it is today.    

I joined Hiscox in 2017 where I was again fortunate to expand my underwriting experience to include property and liability lines. I joined the Irish Technical Underwriting Team where I had responsibility for local product strategy and underwriting controls for the Technology PI, Media PI and Cyber products. Cyber was beginning to gain traction as a mainstream product around this time and the underwriting process was evolving rapidly as the world became even more connected and reliant on technology.      

An opportunity arose in 2022 to move into the MGA sector when I joined Spring Insure Europe. This was a great insight into a different side of the insurance industry but reinforced the lessons learned in previous roles about the importance of underwriting the risk in front of you.  

This in turn led me to DUAL in March 2024 and the exciting challenge of developing DUAL’s Cyber business in Ireland. 

What does the cyber insurance landscape currently look like?

The global cyber insurance market is currently in a soft market phase. Premiums are reducing, capacity is stable and demand is growing and the Irish market is broadly mirroring these global trends. 
Whilst demand for cyber insurance from Irish business is increasing, there still appears to be a level of buyer apathy, especially amongst the SME sector. That apathy may come from the mistaken belief that “it won’t happen to us” but SMEs are often targeted because their defences may not be as strong as larger businesses. It may also be down to the perception that either the cost of the insurance premium itself or the cost of implementing recommended IT security controls is prohibitive. The reality is that an SME business is just as likely to be impacted by a cyber incident as a larger, corporate entity, and the resultant fallout may be far graver for small businesses without the resources or deep pockets to respond to and recover from a cyber event. 

What would you say is the biggest threat posed to businesses in relation to cyber-attacks?

The threat landscape is continuing to evolve both globally and locally, and that well-worn phrase of “not if, but when” can be expanded to include “and how?”. Ransomware, phishing attacks (in their various forms) and data breaches continue to be prevalent, and the impacts can be significant if business are underprepared to contain the incident and deal with the consequences.  
The use of AI as both a defensive and offensive tool is adding another dimension to that threat landscape and its use is expected to increase the frequency, automation and sophistication of attacks.
Supply chain attacks where cyber criminals target and exploit third-party suppliers or software providers to either infiltrate a larger target or multiple targets at once are also on the increase. 
Human susceptibility to phishing and social engineering attacks is constantly one of the leading causes of cybersecurity breaches. Employees clicking on malicious links or opening infected attachments in emails resulting in the deployment of malware or the theft of credentials is still the easiest way for cyber criminals to infiltrate a company’s systems. Hackers don’t break in, they log in! Training and awareness remain a vital tool to combat the threats posed by human error. 

Why is it so important for Brokers to be aware of the benefits of cyber insurance for their clients? 

It is crucial for Brokers to understand and communicate the benefits of cyber insurance to their clients because of the increasing frequency, sophistication and financial impact of cyber threats. 
Cyber insurance offers protection against a wide range of cyber threats, including data breaches, ransomware, business interruption from both malicious and non-malicious events, legal liabilities arising from third-party claims and funds transfer fraud. It also covers costs associated with digital restoration, hardware replacement, regulatory fines, crisis communication, and more.

A significant benefit of a good cyber insurance policy comes from the incident response and crisis management services. SMEs in particular as a group don’t always have the expertise or resources to deal with cyber risk effectively. An effective cyber insurance policy should offer rapid access to an expert panel of specialist lawyers, forensic investigators, IT and PR consultants for example, all crucial to help businesses navigate the chaotic post-incident landscape.
Cyber insurance should be considered as part of an overall toolkit when it comes to a cybersecurity strategy and should complement the security processes and technologies that a company already implements as part of their risk management plan. 

Onboarding calls with Incident Response experts can assist with implementing or improving incident management plans and will establish clear roles and responsibilities. These proactive measures help minimise downtime, financial loss, and operational disruption in the event of a cyber incident.

At DUAL, we have an in-house Cyber Prevention & Response (CPR) unit that conduct onboarding calls as part of the coverage provided by the insurance policy, and we can also offer pre-breach services to assist insured customers in preventing cyber incidents. This includes the likes of vulnerability scanning, Darknet monitoring and other consultancy services. 

Undoubtedly, businesses with a strong IT security posture are more attractive risks for Insurers. Those businesses that are still behind the curve when it comes to cybersecurity controls or who need some guidance on how best to improve their cybersecurity hygiene may need to take some proactive steps themselves to implement strong cybersecurity measures to protect their systems and data. 
By integrating comprehensive insurance coverage with strategic cybersecurity initiatives, businesses can build a resilient defence against advancing digital risks. This holistic approach ensures that both preventative and responsive measures are in place to protect the organisation.

At DUAL, we aim to understand the unique needs of our customers to provide flexible cyber insurance solutions and to provide value added services where needed. We can assist prospective Insureds and Insured customers to better understand the cyber risk landscape and we can provide them with a roadmap towards improving their overall cybersecurity posture whilst still providing full insurance coverage.  
We have partnered with a leading provider of security awareness training and phishing simulations that can be tailored to meet the specific training needs of clients. 
Our Cyber Active Protect (CAP) solution combines comprehensive cyber insurance with advanced prevention technology, providing identity protection and endpoint detection software from market leading software providers. This solution ensures businesses receive robust cyber defense, reducing the frequency and severity of losses, and prepares for previously uninsurable businesses to become insurable.

Looking for comprehensive cyber cover, talk to DUAL by reaching out to Shane – [email protected]