The insurance marketplace for cyber liability is constantly evolving. Technology is always improving, the level of data security and awareness is escalating and the tools used by the criminals and the bad actors are becoming more sophisticated. Additionally, the individuals and groups behind these data breaches have varied motivations ranging from embarrassing organizations, to monetizing personal information, to simply wreaking havoc. This coupled with increased regulatory scrutiny and media attention creates a challenging environment for businesses grappling with data security issues.
Unfortunately, the insurance industry does not make it any easier for potential insureds. Policy forms are frequently being updated to keep up with the changing exposures and increasing historical claims data.
Market penetration for cyber liability with middle-market and small businesses is below 20 percent by most estimates, while connected devices are expected to triple to 15 billion by 2020, fueling demand for cyber liability insurance and experts who can effectively advise clients in uncharted waters. With that in mind, here are 10 tips to consider to evaluate coverage.
1. Prior Acts Coverage
The challenge for insureds with cyber liability is that most businesses do not know that they have been breached for months. It’s conceivable that an insured could answer a warranty question on an application truthfully without realizing they have already been breached. In theory, an insurer would likely need to provide coverage for the forensic analysis, but if it was determined that the breach pre-dated the inception of coverage, they could certainly deny coverage for any further expense.
Many insurers recognize this and are beginning to offer a limited window of prior acts coverage under cyber liability policies, or full prior acts coverage in some cases.
2. Choice of Vendors/Counsel
3. Outsourced Service Providers
4. Bodily Injury Property Damage
5. Network Interruption System Failure Coverage & Contingent Network Interruption
6. Value-Added Services
7. Unencrypted Device Exclusions
8. Loss of Tech Support Exclusions
9. Cyber Terrorism
10. Breach of Contract
Unlike other lines of business that have ISO forms and some standardization from insurer to insurer, it is apparent that all cyber liability policies are not equal.
While there will always be new, relevant issues as exposure and products continue to develop, these are the big issues of focus for sophisticated buyers. It’s critical to understand each insured’s unique business and exposures. Armed with these tips you will be better able to negotiate a best in class cyber liability policy for your clients.
Was this article valuable?
Here are more articles you may enjoy.