TLDR:
Key points:
- Recent massive technology outage impacting various industries has raised concerns about cyber insurance policy language
- Guy Carpenter and Aon provide insights on coverage for business interruption and contingent business interruption within cyber insurance policies
Industry stakeholders are grappling with the implications of a recent widespread technology outage that affected various industries globally. The cyber insurance industry, known for its lack of standardization, is facing challenges in interpreting policy language. Guy Carpenter and Aon have highlighted key aspects of coverage for business interruption and contingent business interruption within cyber insurance policies.
According to Guy Carpenter, the network outage event triggered by the recent technology failure will lead to broad coverage for business interruption and contingent business interruption. The event includes system failure due to non-malicious acts, such as human error. Evaluating network interruption claims will depend on the policy waiting period, which typically ranges from 4-12 hours.
Christopher Keegan, cyber insurance leader for broker Brown & Brown, emphasized that insurers will reassess cyber policy wordings if a large number of claims exceed retentions and are covered losses. Insurers are evaluating the extent of damage and the impact on their books of business. Changes to cyber policy wordings may be made, but without coordination between insurers, non-standard wording in the cyber market is expected to remain the norm.
Aon’s analysis of leading cyber insurers’ policy wordings revealed variations in offering coverage triggered by ‘system failure’ or ‘non-malicious’ events. Insurers are urged to reevaluate policyholder supply-chain dependencies and recalibrate risk tolerances. The incident also highlights the growing risk of single points of failure and the need for insurers to manage exposure effectively.