“Buyers would be mistaken to think the ruling means that they do not need a cyber policy if they have a CGL policy and insurers might want to think twice before narrowing their general liability language to guard against cyber claims when the marketplace is clamoring for broader coverage.”
No problem with the first statement. But I’m trying to understand what the author is trying to get to with the second. Anybody with a half a brain in the insurance industry understands the fact that the intent of your basic CGL policy is not to protect against cyber liability claims. Hence the first statement: “Buyers would be mistaken to think the ruling means that they do not need a cyber policy” The only ones who don’t get it are the judges ruling in the case.
But the second statement: “insurers might want to think twice before narrowing their general liability language to guard against cyber claims” Well if you have judges who misinterpret the intent, you need to make it more clear. By doing so, insurers are not saying they have no intention of offering the coverage. All they would be saying is that we have to underwrite for it and price for it. I guess that is something the author is blind to.
I agree there is a great deal of uncertainty regarding the proper way to insure against these sets of (cyber-crime/ negligence) risks. Over time, the coverage details should be delineated by court rulings and policy language.
The current thought process is that the CGL should exclude cyber risk coverage. However, if these become more commonplace, AND effective preventative measures (i.e. loss mitigation) are developed and implemented, the frequency of claims should fall to the point a CGL policy could or should include the peril as one that is common, but controllable and affordable to insure. I’m applying the underlying philosophy that cyber risks will expose all businesses with data and IT facilities in the near future. Thus, the word ‘General’ in CGL applies to those risks.
But, I’m just a bit smarter than your average Polar Bear, so what do I know?
When we went to the simplified form in 1986, the name of the policy was changed from Comprehensive to Commercial General Liability. One of the reasons was so insureds would not think their GL policy was an all inclusive policy.
“Buyers would be mistaken to think the ruling means that they do not need a cyber policy if they have a CGL policy and insurers might want to think twice before narrowing their general liability language to guard against cyber claims when the marketplace is clamoring for broader coverage.”
No problem with the first statement. But I’m trying to understand what the author is trying to get to with the second. Anybody with a half a brain in the insurance industry understands the fact that the intent of your basic CGL policy is not to protect against cyber liability claims. Hence the first statement: “Buyers would be mistaken to think the ruling means that they do not need a cyber policy” The only ones who don’t get it are the judges ruling in the case.
But the second statement: “insurers might want to think twice before narrowing their general liability language to guard against cyber claims” Well if you have judges who misinterpret the intent, you need to make it more clear. By doing so, insurers are not saying they have no intention of offering the coverage. All they would be saying is that we have to underwrite for it and price for it. I guess that is something the author is blind to.
I agree there is a great deal of uncertainty regarding the proper way to insure against these sets of (cyber-crime/ negligence) risks. Over time, the coverage details should be delineated by court rulings and policy language.
The current thought process is that the CGL should exclude cyber risk coverage. However, if these become more commonplace, AND effective preventative measures (i.e. loss mitigation) are developed and implemented, the frequency of claims should fall to the point a CGL policy could or should include the peril as one that is common, but controllable and affordable to insure. I’m applying the underlying philosophy that cyber risks will expose all businesses with data and IT facilities in the near future. Thus, the word ‘General’ in CGL applies to those risks.
But, I’m just a bit smarter than your average Polar Bear, so what do I know?
The American Court System; putting the ‘comprehensive’ in Comprehensive General Liability policy, one peril coverage ruling at a time!
When we went to the simplified form in 1986, the name of the policy was changed from Comprehensive to Commercial General Liability. One of the reasons was so insureds would not think their GL policy was an all inclusive policy.
Someone forgot to send me the memo. Ooops! Old School Polar Berra!
More important, someone forgot to send the memo to the US Court system.
Does NOT apply to all CGL policies