Forgive me for being a bit skeptical, but I would love to read the policy.
It is possible that the insurer paid off the full amount of the policy but things will not end here.
For example, how is it possible that SONY and its insurer knows what the losses will be? The statute of limitations has not run.
Lastly, it is typical for an insurer to surrender the full face value of the policy and then litigate issues like whether the loss was in fact covered under the mandatory claims making process.
Life is seldom so simple and insurance companies seldom throw up their hands and give up. If the insurer did so, there are heads to roll there.
If, in fact, Sony actually did purchase 100 Million in coverage for this type of event (which I highly doubt), this type of catastrophic loss could have some serious impact on how future policies will be written. I foresee exclusions and limitations for damages caused by the acts of any government entity. A 100+ Million claim is going to make some serious impacts.
Bruce, I don’t know know all types of cyber/hacking insurance, but I know for a fact (I just reviewed the coverage form) that there is at least one coverage available from a major cyber insurance provider that does NOT exclude governmental acts. Even if it did have such an exclusion, however, it would be up to the insurer to prove that this was a government-sponsored attack. I don’t know what (if any) proof is currently available by which such a denial in coverage would be based.
However, “Not Necessarily,” there is only one or two mkts that include war coverage and the rest exclude war. War is defined on most policy forms as “…War like action by a military force, including action in hindering or defending against an actual or expected attack, by ANY GOVERNMENT, sovereign or other authority using military personal or OTHER AGENTS…””
The N. Korean regime is a recognized body of government and although a carrier proving they carried out the attack could be tricky, the FBI has confirmed this. This is an old def and up for interpretation, but Bruce was ‘not necessarily’ wrong.
Sony never said the loss was $100M. That was an outside estimate. The bulk of the costs here will be recreating data and entering it back into the system. With off-site back-up, it’s tedious but not at all impossible to do. I’ve had many clients that have had to do this for a variety of reasons. Sony just happens to be on a much greater scale.
However, “Not Necessarily,” there is only one or two mkts that include war coverage and the rest exclude war. War is defined on most policy forms as “…War like action by a military force, including action in hindering or defending against an actual or expected attack, by ANY GOVERNMENT, sovereign or other authority using military personal or OTHER AGENTS…””
The N. Korean regime is a recognized body of government and although a carrier proving they carried out the attack could be tricky, the FBI has confirmed this. This is an old def and up for interpretation, but Bruce was ‘not necessarily’ wrong.
Who provided the insurance? Yet another lacking article by IJ.
In the highly unlikely event that Sony had $100million+ in coverage for this, their Risk Manager/Broker deserve a seven-figure thank-you envelope.
They already got it when they billed their commission.
Hi:
Forgive me for being a bit skeptical, but I would love to read the policy.
It is possible that the insurer paid off the full amount of the policy but things will not end here.
For example, how is it possible that SONY and its insurer knows what the losses will be? The statute of limitations has not run.
Lastly, it is typical for an insurer to surrender the full face value of the policy and then litigate issues like whether the loss was in fact covered under the mandatory claims making process.
Life is seldom so simple and insurance companies seldom throw up their hands and give up. If the insurer did so, there are heads to roll there.
I pity the people who have stock in reinsurance.
If, in fact, Sony actually did purchase 100 Million in coverage for this type of event (which I highly doubt), this type of catastrophic loss could have some serious impact on how future policies will be written. I foresee exclusions and limitations for damages caused by the acts of any government entity. A 100+ Million claim is going to make some serious impacts.
There is an exclusion for a governmental body doing this!! Its an act of war and excluded…
Bruce, I don’t know know all types of cyber/hacking insurance, but I know for a fact (I just reviewed the coverage form) that there is at least one coverage available from a major cyber insurance provider that does NOT exclude governmental acts. Even if it did have such an exclusion, however, it would be up to the insurer to prove that this was a government-sponsored attack. I don’t know what (if any) proof is currently available by which such a denial in coverage would be based.
However, “Not Necessarily,” there is only one or two mkts that include war coverage and the rest exclude war. War is defined on most policy forms as “…War like action by a military force, including action in hindering or defending against an actual or expected attack, by ANY GOVERNMENT, sovereign or other authority using military personal or OTHER AGENTS…””
The N. Korean regime is a recognized body of government and although a carrier proving they carried out the attack could be tricky, the FBI has confirmed this. This is an old def and up for interpretation, but Bruce was ‘not necessarily’ wrong.
The governmental act you are referring to has to do with a domestic government committing such act as a search and seizure, etc.
Sony never said the loss was $100M. That was an outside estimate. The bulk of the costs here will be recreating data and entering it back into the system. With off-site back-up, it’s tedious but not at all impossible to do. I’ve had many clients that have had to do this for a variety of reasons. Sony just happens to be on a much greater scale.
However, “Not Necessarily,” there is only one or two mkts that include war coverage and the rest exclude war. War is defined on most policy forms as “…War like action by a military force, including action in hindering or defending against an actual or expected attack, by ANY GOVERNMENT, sovereign or other authority using military personal or OTHER AGENTS…””
The N. Korean regime is a recognized body of government and although a carrier proving they carried out the attack could be tricky, the FBI has confirmed this. This is an old def and up for interpretation, but Bruce was ‘not necessarily’ wrong.