Mactavish has warned that the majority of specialist cyber insurance policies contain significant flaws that could precipitate disputed claims and lower-than-expected settlements.
The warning comes amid a reported surge in business looking to protect themselves with specialist cyber cover.
In a review of around 30 off-the-shelf UK cyber insurance policies, Mactavish identified seven common flaws:
- Cover could be limited to deliberate attacks and unauthorised activity, leaving business unprotected in the event of incidents caused by accidental errors or omissions.
- The data breach costs covered could be limited to those which the business is strictly legally required to incur as opposed to much greater costs which would be incurred in practice.
- In the event of systems interruption, cover can be limited to only the brief period of actual network interruption, ignoring knock-on effects after the repair of the technological fault.
- Cover for systems delivered by outsourced service providers varies significantly and is often limited or excluded.
- There were often exclusions for software in development or systems being rolled out. In some cases events involving recently updated systems may be excluded as well.
- If issues are caused by contractors but the business is legally responsible, policies might not respond
- Notification requirements are often complex and onerous.
Bruce Hepburn, Mactavish CEO, said: “There are a number of new cyber insurance policies being launched, but despite a sharp increase in cyber incidents this market is very immature and in many respects untested.
“Perhaps some of these policies have been rushed to market by insurers eager to capitalise on the growing cyber risks facing organisations, and their desire to spend significant amounts of money to protect themselves against this.
“Very few claims have been made on these new cyber insurance policies, but my bet is that many will be disputed, or settlements will be much lower than clients expected. However, this can be avoided if organisations first understand the cyber risks they face, and then secure a bespoke policy to meet their needs.”
We are excited to announce that @SFoodbanks and the Sunday morning initiative team will be joining us at this years @WDragonboat ! The team will have their collection van so bring any food donations you can for local foodbanks #HungerDoesntWearClubColours #CharityTuesday pic.twitter.com/UT9Diup11C— Carpenters Group (@CarpentersGroup) August 20, 2019
- Enterprise claims predicted to reach £319m
- Blog: Whaley Bridge throws spotlight on non-damage business interruption cover
- Blog: Breaking the under-reporting habit
- BoE governor Carney warns insurers over climate change
- FSCS to compensate 14,000 Alpha policyholders as deal collapses
- Ex-JLT pair Palmer-Brown and Crossland join SSL Endeavour
- Blog: Unrated insurers - the risks for UK brokers