Cyber risk - mind the gap!

News / / Cyber risk - mind the gap!

Today, almost every organisation is reliant on technology – it dominates communication systems, transport, financial services and many other aspects of commerce – and as technology becomes ever more complex and sophisticated, so do the risks you face.  

Cyber risks are a real and significant threat to all types of organisations, causing potentially far reaching and devastating consequences for all aspects of business and trade.

  • Are insureds and their brokers in blissful ignorance of their lack of any meaningful coverage for cyber related exposures?
  • Are underwriters of standard property and/or liability classes aware of their potential exposure to cyber losses?
  • How big and how wide is the aggregation risk for reinsurers?
  • Are the exclusions and protections traditionally relied on by the market still fit for purpose?

These are just some of the questions thrown up by recent surveys which ask whether buyers and sellers of insurance are doing enough to ‘mend the cyber roof while the sun is still (just about) shining’.

Repeatedly, surveys reveal that cyber risk is now among the top 3 or 4 concerns for corporate boards and for insurers alike. The increase in the frequency and sophistication of cyber failures/attacks draws into sharp focus the importance of insurance. However, outside specialist circles, it is concerning that the insurance coverage for cyber risks is not better understood and managed – there are notable gaps. Moreover, there remains

a widespread uncertainty as to whether, and if so how, non-specialist insurance policies will respond to a significant cyber event. Conventional insurance products may exclude or restrict damage caused by a cyber event.

Belief v Reality

Image removed.

For example, surveys have shown that while 50% of corporate CEOs believe that they have adequate protection against a cyber event, analysis of their insurance cover indicates that only 10% in fact have the protection they believed.

This misunderstanding, however, is not confined to the insureds. A recent analysis by software provider Absensa released on 18 July 2016 is reported to show that a review of almost 400 reinsurance contracts underwritten at Lloyd’s revealed significant exposures to catastrophic cyber events. At least 40% of the policies did not contain standard cyber exclusions and some 68%, it is reported, had no reference to cyber terms at all.

In part, this perhaps represents an industry inertia but also the failure to adapt coverage terms in some sectors to the rapidly developing technologies and ever changing risk profiles. For example, a cyber event can lead to catastrophic physical damage and personal injury losses as well as the more readily anticipated data theft and business interruption exposures. It is also the case that many of the regularly used exclusion clauses are limited in their effectiveness as they focus on hostile acts, often by outsiders, rather than the increasingly common inadvertent cyber event or insider action.

In the circumstances, both insureds and insurers (as well as their reinsurers) would be well advised to undertake a careful review of their policy wordings in order to understand precisely what is and is not covered, and to make any necessary changes.

No-one likes nasty surprises - make sure you are not at the receiving end of one!

Simon Cooper

Simon Cooper Consultant

Related sectors:

Related services:

Related news & insights

Insights / Success with subrogation in the UAE

25-05-2021 / Insurance

Insurers often perceive subrogated recoveries as challenging and uncertain in this region and that can be true to some extent. 

Success with subrogation in the UAE

Insights / Insurance & Reinsurance guide 2021

25-01-2021 / Insurance

We are pleased to share with you Chambers and Partners 'Insurance & Reinsurance guide 2021', of which Simon Cooper is the contributing editor.

Insurance & Reinsurance guide 2021

Insights / Supreme Court checks out of Orient Express Hotel

19-01-2021 / Insurance

On 15 January 2020, the Supreme Court handed down its judgment in this test case that was initiated by the Financial Conduct Authority (“”FCA”) in order to determine a number of common coverage issues pertaining to the correct response of non-damage business interruption policies to the Covid-19 pandemic.

Supreme Court checks out of Orient Express Hotel

Insights / Decennial Liability in the UAE

05-10-2020 / Insurance

At its core, decennial liability is a form of strict liability imposed on architects, engineers and contractors in the case of total or partial collapse of a building or structure or defects found in the building or structure that threaten the structural integrity of the building.

Decennial Liability in the UAE

Insights / The Insurance and Reinsurance Law Review Eighth Edition

16-06-2020 / Insurance

We’re pleased to share with you the eighth edition of The Insurance and Reinsurance Law Review. Ince is a member of The Law Reviews (TLR) leading panel of contributors and the team this year led by Peter Rogan as the Editor, contributed to the following topics:

The Insurance and Reinsurance Law Review Eighth Edition

Insights / Chapter 15 - England and Wales

16-06-2020 / Insurance

The UK insurance and reinsurance industry is the largest in Europe and the fourth-largest in the world.

Chapter 15 - England and Wales

Quick links

The Legal 500 2021

“Very available and responsive to company developments in real time. Frank, clear advice – not just the ‘easy’ answer.”

The Legal 500 2022

“The solicitors who have handled our employment related issues are of the highest quality in terms of their specialist area of expertise, their professionalism and their approach to us as clients and as people. Special mention has to be made of Laura Livingstone. Laura became a key member of our team and felt more like a colleague than an external adviser – a colleague you could rely upon. Laura’s attention to detail, professionalism and responsiveness was second to none. Laura has come to know and understand us as individuals and this has enabled her to personalise her advice and even sometimes to preempt our future requirements. We have a very special and extremely valuable relationship with her and the firm.”

- The Legal 500

The Legal 500 2022

“Ince are an excellent “fit” with our specific needs. The firm has consistently provided a broad range of personnel-related advice and in our experience that advice has been consistently of the very highest professional standard: it has been timely, comprehensive, accurate and at a cost which is commensurate with the budget of an organisation of our size.”

- The Legal 500

The Legal 500 2022

“The firm has an unusually high degree of insight into the practices and policies required by the Gambling Commission as regards compliance with its own requirements and conditions – particularly Andrew Tait, derived from his previous in-house experience.”

- The Legal 500