Product Family

AXA XL has extended the reach of its Angel Risk Management platform to include Cyber insurance tailored to the needs of small- and medium-sized businesses in Ireland. Neil O’Brien, AXA XL’s Head of Financial Lines, Ireland describes how adding coverage for cyber-attacks to the Angel Risk Management platform enables brokers to deliver even more value to the companies which represent the backbone of the Irish economy.

Small- and medium-sized enterprises (SMEs) are one of the vital pillars of the Irish economy. This slice of the economy comprises so-called micro firms with fewer than 10 employees, small businesses with 10-49 employees, and medium-size companies employing 50-249 people. According to the Central Statistics Office, Ireland’s SMEs:

Employ over 68 percent of Irish workers.
Generate 50.2 percent of total turnover.
Contribute over 41 percent in gross value added.

(Figures are from 2016, the latest year this data is available.)

However, when we define a “business segment” by the number of employees, it is sometimes easy to overlook just how varied and diverse it is. These firms are all part of the mosaic of our villages, cities and the overall country; solicitors, farmers, hotel owners, accountants, architects and engineers, tradespeople, restaurant owners, construction companies, and, let’s not forget, insurance brokers.

And, yet, for all their diversity, SMEs do share at least one thing in common: they are all at risk of a cyber-attack.

A relentless and proliferating threat
Actually, all firms today are vulnerable to a cyber-attack. As are individuals, local/regional governments, universities, hospitals and non-profit organizations. Or to put it differently, unless you are living completely off the grid and never use an Internet connected device, the risk of a cyber-attack is ever-present.

While the threat is ubiquitous, SMEs are a particularly attractive target for cyber-criminals for two reasons. First, as I alluded to above, there are a lot of them; it is what you might call a “target-rich environment”. Second, because they are, by definition, small, most SMEs don’t always have the latest tools and procedures to defend against the horde of increasingly sophisticated hackers, phishers, pharmers and the like. It’s true that compared to going after a major multinational company, the payoffs may not be as great—and, yes, many cyber-attackers are motivated by money—but the degree of difficulty usually is considerably less. Or as one cybersecurity expert put it: SMEs are “low hanging fruit and easy money” for cyber-criminals.

Moreover, the COVID-19 pandemic has only amplified the threat across industries around the world and cybersecurity experts around the world have noted a dramatic increase in cyber-attacks attributable to the pandemic. Malicious actors are aware that companies are struggling to keep up with new demands, and that some security teams have limited access to the tools and talent required to defend their businesses effectively. Cyber criminals are preying on the susceptibility of newly remote workers by offering lures and traps that imitate credible sources. 

Fast, simple access to coverages designed specifically for SMEs
Going forward, Irish brokers can offer their SME clients Cyber insurance on a non-referral basis via Angel Risk Management’s fast, easy-to-use online platform. (And, yes, we have worked with leading IT experts to ensure the security and integrity of the platform.) Brokers who already use the platform to quote and bind professional indemnity and directors & officers coverages note that it provides a seamless experience from getting an initial, indicative quote—based on the client’s industry segment—through to the delivery of the full suite of documents.

Our cyber coverage has been tailored specifically for companies with turnover under €10,000,000 and comes with limits from €50,000 to €1,000,000. The core elements of the coverage are:

Emergency response costs: reimbursements for emergency payments made to repair/restore the system after a breach.
Business interruption: lost profits and/or operational expenses during the restoration period.
Privacy notification and crisis management costs: costs for notifying affected third parties and otherwise managing the indirect impacts of the event (this requires prior written consent from AXA XL).

The policy also covers the cost of replacing, updating or restoring any data that has been damaged or destroyed, up to the level that existed before the incident. Other features include reimbursement for expenses related to responding to a regulatory investigation as well as claims arising out of a privacy or security breach by the client or its sub-contractors.

Finally, it can’t be stressed enough: SMEs do need to take cyber protection seriously and take advantage of the latest security systems and processes. Nonetheless, reducing the threat still comes down to the people who are using those tools. That means the cornerstone for all companies in combating cyber attacks can be summed up in one word: awareness. Effectively lessening the possibility of a cyber attack is as much about improving an organization’s technology as it is about ensuring everyone understands and follows good cyber security practices.

Neil O’Brien is an Underwriting Manager responsible for managing AXA XL’s International Financial Lines team in Ireland. Neil is based in Dublin and can be reached at

This article was previously published in Irish Broker Magazine.


More Articles

Global Asset Protection Services, LLC, and its affiliates (“AXA XL Risk Consulting”) provides risk assessment reports and other loss prevention services, as requested. This document shall not be construed as indicating the existence or availability under any policy of coverage for any particular type of loss or damage. AXA XL Risk. We specifically disclaim any warranty or representation that compliance with any advice or recommendation in any publication will make a facility or operation safe or healthful, or put it in compliance with any standard, code, law, rule or regulation. Save where expressly agreed in writing, AXA XL Risk Consulting and its related and affiliated companies disclaim all liability for loss or damage suffered by any party arising out of or in connection with this publication, including indirect or consequential loss or damage, howsoever arising. Any party who chooses to rely in any way on the contents of this document does so at their own risk.

US- and Canada-Issued Insurance Policies

In the US, the AXA XL insurance companies are: AXA Insurance Company, Catlin Insurance Company, Inc., Greenwich Insurance Company, Indian Harbor Insurance Company, XL Insurance America, Inc., XL Specialty Insurance Company and T.H.E. Insurance Company. In Canada, coverages are underwritten by XL Specialty Insurance Company - Canadian Branch and AXA Insurance Company - Canadian branch. Coverages may also be underwritten by Lloyd’s Syndicate #2003. Coverages underwritten by Lloyd’s Syndicate #2003 are placed on behalf of the member of Syndicate #2003 by Catlin Canada Inc. Lloyd’s ratings are independent of AXA XL.
US domiciled insurance policies can be written by the following AXA XL surplus lines insurers: XL Catlin Insurance Company UK Limited, Syndicates managed by Catlin Underwriting Agencies Limited and Indian Harbor Insurance Company. Enquires from US residents should be directed to a local insurance agent or broker permitted to write business in the relevant state.