Cyber Cited as “Volatile” Part of Insurance Market
Price volatility in the cyber insurance market skewed the results of an otherwise softening property-casualty industry, according to a recent look across all commercial lines conducted by Marsh LLC.
“Cyber remains one of the fastest growing sectors in the insurance market, as evidenced by continued growth in premium and policy count, as well as the steady influx of new capacity. Continued growth in supply and demand for cyber insurance, coupled with unexpected loss activity, led to significant volatility in pricing during 2014, which is likely to continue in 2015,” reported Marsh in its U.S. Insurance Market Report.
Marsh highlighted business interruption losses as a key concern for organizations, as well as the very well-publicized data breaches, cyber attacks, software failures and technology problems that can cause loss of income or supply chain disruptions.
The May 2014 action by the Insurance Services Office (ISO) that ushered data breach exclusions into general liability policy forms will continue to affect insureds, Marsh noted, requiring other options to address cyber risk. ISO’s decision reflects the industry determination that “the internet and electronic commerce were not contemplated when the GL policy form was created.
“Multiple insurers have begun adding some combination of these exclusions to their GL policies, which will typically trigger the same or similar exclusions being added to any umbrella/excess policy sitting above. While clarifying the intent to exclude cyber coverage from GL policies, the endorsements may create coverage uncertainty for bodily injury and property damage resulting from a cyber event,” Marsh noted, while advising brokers and their clients to either seek removal of those exclusions or pick up endorsements for “consequential physical bodily injury (BI) and consequential tangible property damage (PD).”
Marsh also spoke to the growing concerns among directors and officers that a cyber attack could be seen as a boardroom failure rather than a IT issue. For some existing D&O insurance policies, there could be a case for coverage, the firm suggested, depending on the language.
“Although a cyber-attack itself would typically not be covered under a D&O policy, most policies do not include cyber exclusions. Insureds may have potential coverage, subject to respective policies’ terms, conditions, and limitations, in such areas as alleged disclosure related issues and alleged breach of fiduciary duty,” stated Marsh.
Cyber insurance losses increased in both frequency and severity in 2014, Marsh reported. Litigation following data breaches contributes to the cost of a claim, and the broker’s report pointed out signs of more class action lawsuits surviving past the “motion to dismiss” phase.
The ability of claims to survive a motion to dismiss is a troubling development for victims of cyber-attacks as it increases both the likelihood of third-party litigation and the expected cost of these attacks, as claims surviving a motion to dismiss are generally more expensive to defend,” Marsh stated.
The cyber insurance market’s growth shows no signs of abating, as cyber attacks increase and succeed more often, and as the risks expand beyond a single company’s computer system.
“The ‘collateral damage’ from cyber attacks can be expected to grow over the next few years as their increased sophistication makes post-event investigation and remediation more time-consuming,” Marsh concluded.
Read more at http://www.cyberrisknetwork.com/2015/02/10/cyber-cited-volatile-part-insurance-market/