Cyber-risks are not just about corporate data breaches anymore. I recently spoke to a public adjuster who said he was a victim of a ransomware attack. Ransomware is malicious software (malware) installed on a computer, smart phone, or other mobile device, without the owner’s consent. Once malware is installed, cybercriminals can monitor and control online activity, steal confidential information, interrupt service, commit fraud, or disable access to files and critical data until a ransom is paid to unlock the system.
Luckily for the public adjuster, the attackers did not fully compromise his computer. He hired a computer technician to remove the ransomware, restore the computer, and oust the attackers from his system.
With cyberattacks and potential cyber claims hitting close to home, here are seven things public adjusters should know about cyber risks and cyber insurance.
- A cyber risk is the potential for loss related to the use of electronic devices, computers, or technology.
- Cyber insurance policies cover first and third-party damages. First party cyber coverages apply to a range of potential costs that a company might incur from a breach and go beyond the usual property damage and business interruption. Third party coverage responds to liability for identity theft coverage, class actions, etc.
- Hacking and breach events can lead to business interruption losses. The hacks and ransomware attacks in 2017 underscored that just about anyone is vulnerable to attack. Cyber-related business interruption is a growing concern, arising either out of network interruption, damage or other physical damage related to a breach event.
- Business interruption language varies in cyber policies, and BI related to a cyber event may be excluded or limited under traditional business property policies.
- True cyber policies afford coverage on a claims-made basis. They are not standardized like most fire, homeowners, business property or liability policies.
- Computer attacks can lead to physical damage. So-called “cyber physical attacks” are growing risks. A cyber physical attack is a security breach in cyber space that adversely affects the physical machines and systems that rely on the affected computers. Examples of vulnerable targets include medical devices, utilities, electrical power plants, industrial controls, and self-driving vehicles.
- Keep in mind that your computer system and even estimating software may be vulnerable to a cyber-attack or viruses.
Finally, if you want to learn more about cyber claims and emerging cyber insurance issues, I will be speaking at the upcoming First-Party Claims Conference in Rhode Island on Cyber Claims – Impact of Every Day Cyber Intrusions, Claims and Coverages.