Local: (805)-371-3680 | Toll Free: (800) 240-CHIV
Cyber threats may require more customization of insurance coverage than other risks, according to a new report from Mactavish.
Mactavish, a group that specializes in insurance governance, surveyed around 700 senior managers in the UK and found that fewer than one in three think their companies have cyber-specific insurance.
Only 40 percent of respondents feel they have adequate insurance for the cyber risk their organizations face.
When asked the reason for not buying cyber insurance, 22 percent said they did not trust insurers to pay their claims.
When it comes to “off the shelf” security and privacy policies, Mactavish found organizations may be correct in their views that insurers won’t pay.
Based on its analysis of standard cyber insurance wordings, Mactavish found at least eight common flaws in these generic policies. According to the report, potential coverage gaps include:
- Coverage limited to events triggered by attacks or unauthorized activity – excluding issues caused by accidental errors or omissions
- Data breach costs that are limited to only the costs a business must legally pay
- Policies that may not respond to a data breach caused by contractors, but the company is legally responsible
Like many forms of business insurance, cyber losses and cyber policy wordings can be highly complex, according to Mactavish.
“In an area like Security and Privacy (insurance) that is still being tested, focused negotiations on coverage terms can have long-lasting effects,” says Barry Kramer, senior vice president at Chivaroli & Associates Insurance Services.
