Insurance, Without the Guesswork

In business, there are certain things you buy because you have to. Insurance usually sits somewhere near the top of that list. It’s not exciting, it’s not urgent, and if everything goes well… it’s something you barely think about.

Until something goes wrong.

In the third episode of the Arcane Link podcast, host Ruben Clarke sat down with Sam Johnson, Director at RiskBox to unpack the reality behind insurance. Not the brochures, not the comparison sites, but what actually happens when policies are tested, claims are made, and assumptions start to unravel.

The full conversation is available on YouTube and all major podcast streaming platforms:

• Spotify

• Apple Podcasts

• Amazon Music

A Career Nobody Plans For

Sam's the first to admit that insurance doesn’t exactly scream ambition. It’s not something people grow up aspiring to.

You don’t grow up as a kid going, I tell you what, I really want to be an underwriter or a broker.

Like many in the industry, he fell into it rather than chasing it. But what’s interesting is not how he got there… it’s why he stayed.

Because once you get past the reputation, you start to realise that insurance sits quietly underneath almost everything a business does. It’s not front and centre, but when it matters, it really matters.

The Bit Everyone Skips

Most businesses buy insurance the same way they accept terms and conditions.

• Quick scan.

• Looks fine.

• Move on.

The problem is, those documents aren’t designed for casual reading.

Even when insurers try to simplify things, there’s still no universal way of defining key terms, especially in areas like cyber. What one policy includes, another might exclude entirely.

It’s our job to do that and then relay that to our clients in a way that they’ll understand.

That translation piece is where the real value sits.

Because the biggest risk isn’t having no insurance…

It’s thinking you’re covered when you’re not.

The £150 Policy and the £50,000 Reality

Cyber insurance has become surprisingly accessible.

I’ve seen some as cheap as £150 for a year… and it’s providing really good cover.

On its own, that sounds almost too good to be true.

But the real story isn’t about the cost of the policy…

It’s about the cost of the problem.

A single click. A phishing email. A small mistake that spirals quickly.

• Legal teams.

• Forensic investigations.

• Notifications.

• Recovery support.

That was a £50,000 claim because of the legals, the forensics… all that stuff that happened.

And without the right cover in place, that’s not an abstract number.

That’s a bill the business is left to deal with itself.

You Don’t Know What You Don’t Know

One of the most consistent red flags Sam highlighted wasn’t malicious behaviour or obvious risk.

It was uncertainty.

Businesses not knowing:

• what data they hold

• what controls are in place

• or even whether basic protections like MFA exist

They don’t know if they’ve got MFA… they don’t know how much personally identifiable data they’ve got.

Sometimes that’s just a communication gap internally.

Other times, it points to something deeper.

Either way, from an insurer’s perspective, it’s not a great signal.

The First 24 Hours

When things go wrong, speed matters.

Not in a dramatic, Hollywood sense… but in a very practical one.

The longer an incident runs unchecked, the worse it becomes.

The quicker you can act on it, the better.

What often surprises people is that the biggest value of a cyber policy isn’t just the financial cover.

It’s the support.

• Legal experts.

• Forensic specialists.

• PR teams.

All available immediately, often 24/7.

Don’t try and deal with it yourself. Get on the phone.

Because while you’re figuring out what’s happened…

Your business is effectively on hold.

Where Things Start to Break

There’s a moment in most conversations about insurance where things get slightly uncomfortable.

Because it becomes clear that insurance isn’t there to be generous.

It’s there to honour a contract.

If your business changes, and you don’t communicate that…

You might not be covered.

If you do something differently to what you advised… you’re at risk of insurers invalidating that claim.

• New services.

• New markets.

• New technology.

All of it matters.

And all of it needs to be disclosed.

AI, Cyber, and Everything in Between

Unsurprisingly, AI has started to creep into underwriting conversations.

Not in a dramatic way, but in a very real, operational sense.

• What tools are you using?

• How are outputs validated?

• What controls are in place?

We’re now seeing that being included… that you are covered if you’re using AI tools.

It’s another example of how quickly the landscape is shifting.

And how insurance is constantly trying to catch up.

It’s Not About the Policy

If there’s one thing this conversation makes clear, it’s that insurance isn’t about the document.

It’s about understanding.

• Understanding your business.

• Understanding your risks.

• Understanding what happens when things go wrong.

Because when an incident hits, that’s not the time to start asking questions.

It’s the time you realise whether you asked the right ones earlier.

Why We Are Doing This?

Arcane Link exists to lift the lid on conversations like this. The ones that sit just outside the usual marketing pages.

The ones where things are a bit less polished, a bit more honest, and a lot more useful.

We are here to help businesses understand the why, so the how becomes manageable.

If Episode 003 resonates and you are looking for a consultancy that prefers light touch systems over paperwork marathons, you already know where to find us.

If insurance still feels like a box you have ticked rather than something you truly understand, RiskBox are well worth a conversation. No jargon, no guesswork, just clarity on what happens when things go wrong.