Which Policy Covers Cyber Insurance Claims?

  • June 17, 2023
  • 3 min read

In the ever-evolving landscape of cybersecurity, a new type of cyber threat has emerged, bringing with it unique challenges for businesses seeking insurance coverage for potential losses. This phenomenon involves hackers or ransomware attackers infiltrating a network, lying dormant for an extended period—ranging from weeks to months or even years—before executing an event that leads to a loss. This peculiar strategy raises crucial questions about the timing and parameters for filing cyber insurance claims.

Claims Made vs. Occurrence Policies: Understanding the Difference

The complexity stems from the distinction between two common types of insurance policies: claims-made policies and occurrence policies.

  1. Claims-Made Policies: If your business has a claims-made policy, you must file a claim during the policy period in which the loss occurred. In other words, if you experience a cyber attack today, you file the claim based on the policy that is currently in effect.
  2. Occurrence Policies: With occurrence policies, you file a claim for the policy that was in place when the cyber attack occurred, even if the discovery and manifestation of the loss happen at a later date. This means that if a hacker infiltrated your network two years ago but the attack is revealed today, you would file the claim under the policy from two years ago.

The Challenge Posed by Delayed Action Cyber Attacks

The new breed of cyber attacks involves hackers gaining unauthorized access to a network, collecting sensitive data, and, significantly, biding their time before causing the actual damage. This delayed action introduces a layer of complexity, as businesses must determine the appropriate policy under which to file a claim. Moreover, the currency of reporting comes into play, as some policies may stipulate a specific timeframe within which losses must be reported.

Unraveling the Intricacies: Addressing the Policy Gap

The unique characteristics of these delayed-action cyber attacks may not be adequately addressed in standard policy documents. Therefore, businesses are urged to scrutinize their insurance policies, seeking clarity on coverage specifics related to this type of threat. Insurers may need to adapt policy language to encompass scenarios where an attack is detected long after the initial breach.

Preventive Measures and Policy Adaptations

In light of this emerging threat, businesses are advised to:

  • Regularly review and update cybersecurity measures to minimize the risk of undetected intrusions.
  • Engage in proactive risk management strategies to address vulnerabilities.
  • Seek clarification from insurers on policy terms and conditions related to delayed-action cyber attacks.
  • Consider policy endorsements or riders that explicitly cover losses arising from extended periods between intrusion and execution.

Navigating the Cybersecurity Frontier

As cyber threats continue to evolve, businesses must stay vigilant and adaptive. The surge in delayed-action cyber attacks emphasizes the importance of aligning insurance coverage with the intricacies of modern cyber threats. By addressing potential gaps in policies and fostering a proactive cybersecurity culture, businesses can better navigate the intricate landscape of cybersecurity and insurance, ensuring they are adequately protected against the ever-changing threat landscape.

Leave a Reply

Your email address will not be published. Required fields are marked *