Cyber Security Insurance: Four Key Questions to Ask When Speaking to a Broker

Cyber Security Insurance: Four Key Questions to Ask When Speaking to a Broker

As cyber-attacks and data breaches are becoming increasingly commonplace, management and corporate boards are seeking avenues to transfer a wide-range of potential cyber risks through an insurance policy. Mr. Zeichner discusses the four key questions that must be asked by any corporation seeking to obtain a cyber-insurance policy.

Mr. Zeichner writes: As companies increasingly rely on interconnected information technology systems, the incidence of cyber attacks and data breaches are rapidly increasing. These types of events are quickly becoming "front-page" incidents that can significantly impact both the financial and the reputational bottom-line of a company. In addition, activities required by law following such an incident, such as notification and remediation can be both very expensive and difficult to plan and budget for. In the face of these concerns, brokers of cyber insurance are increasingly promoting policies targeted at enabling the transfer of those cyber security risks.

At the same time, management and corporate boards are becoming more aware of the risks involved and are seeking avenues to transfer a wide-range of potential cyber risks through an insurance policy. As a result, both parties are approaching the same problem from different vantage points. Due to the complexities of the cyber security insurance market, it is essential for a corporation wishing to explore potential insurance products to understand the current state of the market and key offerings that are available. There are four key questions that must be asked by any corporation seeking to obtain a cyber insurance policy to support a responsible decision-making process.

As a result of the increased publicity and news reporting on cyber attacks and data breeches, insurance brokers are increasingly interested in developing products that take advantage of the fears of the market place to drive interest towards cyber insurance policies. That being said, a reality of the reinsurance market is that the broker must be able to adequately bundle a wide-variety of quantifiable risks to make an appealing product for purchase by an underwriter such as AIG, ACE or Zurich. This quantification is very difficult to achieve on product offerings that a company may be most interested in. This has resulted in a re-insurance market that is surprisingly small, most likely in the range of $350M -- $400M, and tends to focus on the coverage of liabilities associated with notification and recovery from a cyber attack or data breach. This is due to the inherent difficulty in bundling technology associated risks that are extremely challenging to quantify, such as business continuity or loss of business functions that may depend on critical information systems.

Access the full version of "Cyber Security Insurance" with your lexis.com ID

If you do not have a lexis.com ID, you can purchase the Emerging Issues Analysis content through our lexisONE Research Packages