RiskFinancial CrimeReport highlights gaps in cyber insurance

Report highlights gaps in cyber insurance

Companies could find that conventional insurance policies do not always respond to the ever-expanding scope of cyber-threat.

Coverage of cyberattacks and cyber risks by conventional classes of insurance can be patchy, according to research by the International Underwriting Association (IUA).

In a report to members, the London-based association for non-Lloyd’s international insurers and reinsurers details how some traditional lines of business might provide cover for the growing scope of cyber threats. However other scenarios show how common exclusions, not necessarily aimed at such perils, mean cover is not provided for cyber losses in situations where it might be expected.

The report, entitled ‘Cyber Risks and Insurance – an introduction to cross class liabilities’, analyses several possible claims scenarios. The paper, produced in conjunction with law firm Norton Rose Fulbright, also summarises the development of data protection rules and discusses the market for dedicated cyber insurance policies.

“Professional indemnity and directors’ and officers’ liability [D&O] are two areas where it is possible to envisage situations in which, directly or indirectly, cover is provided for certain types of cyber risk,” said Chris Jones, IUA director of market services. “Yet clients may not be fully aware of the scope of underwriting in these lines.

“Conversely, in marine and aviation business, for example, it can be seen that fairly standard policy exclusions may operate to limit the scope of cover in relation to cyber perils. Cyber-specific wordings and products, therefore, many be an effective way of filling the gaps of cover which exist in conventional lines of insurance.

“Cyber risk has been described as the biggest, most systemic risk facing the insurance market in the last half century. Legislators worldwide are taking an increasing interest in this area and organisations are having to meet ever higher standards of risk management.”

The report outlines how separate cyber insurance cover – through extensions in existing policies, ‘drop-down’ cover and comprehensive standalone policies – has evolved to reflect the emerging risk landscape. Also included is a ‘cyber key facts’ paper, information on reported cyber incidents and mitigation steps for insureds.

It is available at www.iua.co.uk/cyber.

Related Articles

Why working in silos is a killer when battling financial crimes

Cyber Security & Fraud Why working in silos is a killer when battling financial crimes

2w Andrew Simpson
PSD2: dull name, but seismic effect

Clearing & Settlement PSD2: dull name, but seismic effect

3m Alex Kwiatkowski
Staying one step ahead: PSD2 and the future of fraud

Financial Crime Staying one step ahead: PSD2 and the future of fraud

3m Seth Ruden
8 predictions for treasury in 2018

Financial Crime 8 predictions for treasury in 2018

4m Bob Stark
FDIC sues 9 European banks over Libor

Banking FDIC sues 9 European banks over Libor

8m Victoria Beckett
Appreciating supply chain cyber risk

Cyber Security & Fraud Appreciating supply chain cyber risk

8m Peregrine Storrs-Fox
The death of the password: biometric banking

Automation The death of the password: biometric banking

8m Paul Sheldon Foote
The insecurity of fraud victims in the fight against cyber-assailants

Bank Relationships The insecurity of fraud victims in the fight against cyber-assailants

8m Keiron Dalton