Insights

Assess these risks when opting not to seek active assailant coverage.                                                                                                                                                                                                        

Today’s Active Assailant Coverage is Yesterday’s Cyber Coverage

Just as cyberattacks are a growing threat to all organizations, real-life attacks from armed assailants are also increasing in frequency across the US. In the same way that it took a shift in mindset for educational institutions to embrace stand-alone cyber coverage, the time has come for them to take a different approach toward an active assailant product.

There is little question today about the indispensability of cyber coverage, but, in actuality, it is a product that was only recently embraced by the market. Though many were initially reluctant to purchase cyber policies, the product increased in ubiquity as it has become better understood. Industry surveys indicate that a significant majority of brokers’ education clients purchase cyber insurance, the best take-up rate by industry. By comparison, only a fraction of those institutions purchases active assailant cover.

Like cyber, active assailant cover is a service-driven product, offering not only comprehensive coverage to indemnify losses but also a suite of valuable pre- and post-attack services. These services help to mitigate losses including financial cost and reputation implications, as well as to address catastrophic losses – data in the case of cyberattack and human life in the case of an active assailant attack. So why are educational institutions not purchasing active assailant policies at the same rate as cyber? There are four key factors preventing uptake.

1. Organizations Think They Are Already Covered

The insurance industry has done a good job of presenting the threat of an active assailant attack, but it has failed to adequately communicate that it is a risk not fully covered by traditional insurance options. This was an issue with cyber in the early days before the product was fully understood, and today we are on a similar journey to educate risk managers about the value of active assailant cover. Drawing parallels between the two may help to bring about a shift in mindset; insureds that have already recognized the advantages of buying into one stand-alone product with value-add services may more easily recognize the importance of doing the same to protect people’s lives.

2. Organizations Do Not Understand the Services That Come with the Cover

Active assailant cover is a service-led crisis response product, designed to help insureds mitigate the magnitude of loss, reputational harm, and resulting financial loss of an active assailant attack.

For example, prevention services offered with some insurance carriers’ active assailant products may include a post-underwriting review to analyze and evaluate security protocols and highlight any current exposures. In many cases, insureds can also access resources on incident awareness, typical profiles of an assailant, guidelines for how to respond to an incident, emergency action plan creation tips, and suggestions for raising awareness of key behaviors, as well as case studies, thought leadership articles, assistance with creating security plans, and test exercises.

Though all these services are valuable, one of the most important services offered is crisis management support to protect people, brand, and reputation in the event of an incident. Similar to a cyberattack, there is a hot initial period immediately after an active assailant attack, and it is in this window that the costliest errors are typically made. Having an experienced advisor standing by to assist provides essential peace of mind.

3. Organizations Are in Denial About the Risks

It is easy to believe an active assailant attack is a tragedy that only happens to someone else. Unfortunately, statistics show otherwise.

According to Gun Violence Archive, there was an average of more than one mass shooting per day in 2022 in the US, and the number is only rising this year. By the first week of March in 2023, the US had already surpassed 100 mass shootings – record time as compared to previous years. In 2021 and 2022, the US hit this grim milestone in late March, and from 2018 to 2020, there were not 100 mass shootings until May. Clearly, this trend is headed in a troubling direction – and no organization is truly safe.

4. Organizations Are Strapped for Cash in Today’s Hard Market

The temptation to simply rely on traditional insurance options (for example, a combination of existing general liability and property policies) can be especially strong in tight financial times. But while traditional insurance may provide some level of relief following an active assailant incident, it will not come with the services of stand-alone cover.

Though you cannot put a price on life, the actual cost of an active assailant policy can be surprisingly affordable; a higher education institution might pay as little as $1 per student, depending on underwriting factors. Not only would many parents pay out of their own pockets to secure this extra level of protection for their children, but they could also be quick to turn around and sue if a shooting occurred and the school did not have cover, leading to a significantly higher financial cost on the backend.

Mitigate Active Assailant Attacks with the Right Support and Tools

A reset in attitudes to active assailant coverage can perhaps best be achieved through the lens of understanding cyber. Cyberattacks and active assailant attacks both present significant risks. Equalizing the importance of service-driven products to address them is essential for educational institutions seeking to protect themselves, their data, and the lives of their students, faculty, and administrators.

Insights Home