Home > Property & Casualty > Cyber liability – the changing D&O risks

Cyber liability – the changing D&O risks

d-and-o_cyberIn a sluggish world economy, hacking has unfortunately been a robust business. Recent reports issued by the Ponemon Institute, Symantec and others have detailed the stunning growth in cybersecurity breaches (such as a greater than 60% increase in breaches in 2013) and given vivid support to the now-common warning about breaches: “It’s not if, it’s when.”

The avalanche of cyber breaches has alarmed companies — and insurers. Cyber liability exposures include the following, among others:

  • First-party costs incurred in dealing with the breach (forensics, legal, notification, credit monitoring, call center, etc.)
  • Third-party exposures to individuals and entities affected by the breach
  • Regulatory enforcement (SEC, FTC)
  • Intellectual property exposures (often via corporate espionage)
  • Reputational exposures
  • Extortion exposures
  • Theft exposures (such as hacks of bank accounts or phishing-induced erroneous transfers of money)
  • Business interruption costs
  • Data restoration costs

Insurers are experienced at writing policies for claims that are either frequent and relatively minor, or infrequent and potentially severe. Cyber liability claims can be both frequent and severe. Most insurers have responded by capping or even eliminating certain cyber-related coverages.

For corporate insurance buyers, cyber liability coverage is a jigsaw puzzle – with several missing pieces. Some of the largest exposures aren’t currently covered by insurance at all. Even when cyber liability coverage is offered, it is spread among several types of policies. While different types of policies cover certain facets of insurable cyber liability exposure, there is no single policy that covers all of them, and it is therefore easy for losses to fall between the coverage gaps. Heidi Lawson and Danny Harary of Mintz Levin wrote an engaging blog post illustrating this problem here.

Even where insurers do intend to offer some degree of coverage, insurance policy language cannot keep up with the creativity of hackers and the ever-growing breaches du jour. So even when all the available pieces are assembled, the cyber liability coverage puzzle will inevitably have holes. Trying to minimize these holes and their impact has been the focus of insurance buyers and their advisors in a rapidly changing environment.

Click here to read the full White Paper about how the D&O insurance industry is evolving amidst cyber liability risks and exposures.

About the Author

John Doernberg is a Vice President at WGA. He is responsible for developing relationships and serving as a resource for WGA clients, with a particular focus on privacy, information security and risk management issues.

617.646.0336 | JDoernberg@wgains.com | Connect with John via LinkedIn

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s