For almost 30 years, cyber insurance has covered losses and expenses associated with a growing range of cyber perils – data breach, notification cost, third-party liability, business interruption, cyber extortion, reputation damage, and many others.
As coverage has expanded, more companies are buying cyber insurance and taking advantage of the protection it offers. Cyber claims and payouts have risen in tandem: leading cyber insurers report ever-greater claim volume every year, and US insurers paid cyber claims of nearly $400 million in 2018, up 75% over 2017.
So why is there skepticism about the responsiveness of cyber insurance? Too often, cyber policies are conflated with property, casualty, and crime policies, particularly around how these policies respond to cyber claims. Many organisations, and media, mistakenly expect cyber losses to be fully covered under non-cyber policies.
Cyber risk can result in multiple forms of loss not traditionally excluded under property, casualty, and crime policies. But as insurers see rising claim volume under non-cyber policies, they are closely monitoring that “silent cyber” risk and excluding cyber from traditional insurance lines.
This shows the importance of obtaining cover under an affirmative cyber policy that is tailored to an organisation’s specific exposures and offers the best chance for insurance to respond. As cyber threats become more economically damaging, and as traditional insurance lines retreat from covering cyber events, affirmative cyber coverage is an increasingly vital tool.
In this article, we debunk some common inaccuracies and myths around cyber insurance and highlight the many broad and innovative cyber coverages available today. Organisations should look past erroneous myths about cyber insurance and work with a knowledgeable broker to design a standalone cyber insurance program tailored to their unique risk profile.