To print this article, all you need is to be registered or login on Mondaq.com.
The Situation: The cyber insurance market is
experiencing a major retrenchment, with insurers seeking to limit
their exposure in a variety of ways.
The Result: The current market is defined
byhigher premiums, reduced limits, more restrictive coverage, and
more frequent claim denials.
Looking Ahead: Until market conditions improve,
corporate policyholders should develop strategies to maintain the
value of their cyber coverage.
The cyber insurance market is experiencing the most significant
retrenchment in its 25-year history. Insurers are moving to limit
their risk by restricting coverage, adding exclusions, and reducing
policy limits. Insurers have also adopted more aggressive
claims-handling practices, which frequently result in total or
partial claim denials. Frustrated corporate policyholders have
started to ask whether cyber insurance is worth the cost.
The financial protections offered by cyber policies have clearly
eroded in the past three years. But for most companies, operating
without cyber insurance is not a realistic option due to
contractual insurance requirements or the needs of corporate
directors. The key question, then, is how can companies get the
most value out of their cyber policies in today’s challenging
market? We offer four useful suggestions below:
1. Invest in the purchase process.
The most important step a company can take to strengthen its
cyber coverage is to bring experience and strategic focus to the
purchase process. Companies should conduct a candid assessment of
their most important cyber vulnerabilities based on operations and
infrastructure. The cyber policy application can inform this
exercise because the questions may provide insight into the
vulnerabilties and exposures of particular concern to insurers.
Next, companies should consider having an experienced insurance
professional review their existing policies to look for coverage
gaps or deficiencies and to identify critical enhancements. There
are generally no standard forms for cyber insurance, which means
underwriters often have leeway to modify policy language in order
to attract or retain customers. Investments in the purchase process
can yield dividends for policyholders when a cyberattack
2. Stay abreast of new developments.
Another distinguishing feature of cyber insurance is that
policies rapidly evolve. The major insurers change their policy
forms every few years and are constantly issuing new endorsements
to cover (or in some cases, to exclude) newly emerging risks. In
the last five years, for example, we have seen insurers offer new
coverages for supply chain risk, “bricked” hardware, and
violations of the EU’s General Data Protection Regulation, or
GDPR. Policyholders should stay informed regarding the available
evolving coverages in order to procure an optimal policy tailored
to their needs.
3. Prioritize the insurance claim.
When the cyberattack occurs, it is important to focus on
insurance coverage as a core component of the incident response.
Too often, companies will back-burner the insurance claim as they
address the immediate forensic and legal challenges posed by the
breach. However, a failure to prioritize insurance issues can have
serious negative ramifications, including late notice issues,
failure to obtain insurer consents, non-compliance with policy
terms, or other missteps that can reduce the ultimate insurance
recovery. A victim of a cyberattack should be careful not to
squander its insurance assets—the goal is to obtain every
dollar of value purchased in the policy. To accomplish this,
companies should consider obtaining a detailed assessment of their
coverage within 72 hours after discovery of an incident. This
assessment should outline the available coverage and the specific
steps that should be taken to achieve a recovery.
4. Know your policy rights.
Many corporate counsel and risk managers have limited experience
with cyber insurance claims. In contrast, insurer claim
representatives typically have extensive experience with cyber
claims and often receive behind-the-scenes advice from the
insurer’s coverage counsel. The insurer claim representatives
will sometimes seek to use their superior knowledge to dictate
terms of coverage or incident response in ways favorable to the
insurer. All too often, insurers will demand information, reject
costs, or insist on appointing counsel when they have no such
rights under the policy. Policyholders that pursue cyber insurance
claims should recognize that their interests are not aligned with
their insurer—and should consider leveling the playing field
by retaining experienced coverage counsel to protect their policy
Despite their current shortcomings, cyber policies remain the
most effective way to mitigate the potentially crippling losses
that can result from a major cyberattack. Therefore, they will
continue to play a central role in corporate risk management
programs. But until the market retrenchment ends, corporate
policyholders should consider the strategies outlined above to help
preserve the value of their cyber insurance.
Two Key Takeaways
- Despite market challenges, cyber insurance remains the most
effective vehicle to protect against the financial consequences of
a major breach incident.
- Policyholders should respond to current market conditions by
devoting appropriate resources to policy procurement and
prioritizing the insurance claim in the event of a breach
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
POPULAR ARTICLES ON: Insurance from United States