Sign up for The Paypers newsletter Follow The Paypers on LinkedIn Follow The Paypers on Twitter Follow The Paypers on Facebook
The Paypers, paypers, Insight in payments, News, Reports, Events
Digital Identity, Security & Online Fraud

Major flaws in specialist commercial cyber insurance cover – study reveals

Monday 21 January 2019 | 10:06 AM CET

There has been a surge in businesses buying specialist cyber insurance, however there are significant flaws in the majority of these policies according to a UK-based expert on insurance.

Mactavish, a company that advises organisations of all sizes on their insurance requirements, has recently launched a new Cyber Risk Consulting Practice. The study reviewed dozens of ‘off-the-shelf’ cyber insurance policies and identified seven significant common flaws:

  1. Cover can be limited to events triggered by attacks or unauthorised activity – excluding cover for issues caused by accidental errors or omissions;

  2. Data breach costs can be limited – e.g. covering only costs that the business is strictly legally required to incur (as opposed to much greater costs which would be incurred in practice);

  3. Systems interruption cover can be limited to only the brief period of actual network interruption, providing no cover for the more significant knock-on revenue impact in the period after IT systems are restored but the business is still disrupted;

  4. Cover for systems delivered by outsourced service providers (many businesses’ most significant exposure) varies significantly and is often limited or excluded;

  5. Exclusions for software in development or systems being rolled out are common and can be unclear or in the worst cases exclude events relating to any recently updated systems;

  6. Where contractors cause issues (e.g. a data breach) but the business is legally responsible, policies will sometimes not respond;

  7. Notification requirements are often complex and onerous.

Mactavish has been closely involved with the project to reform commercial insurance law in the UK, an eight-year programme which culminated in the Insurance Act 2015, according to the official press release.