Insureds and agents need to understand cyber policies

Apache vs. Great American holds lessons for everyone concerned about cyber crime

Cyber

By

Are your insureds covered for everything they think they are covered for? Are they covered for everything they should be covered for? While not everyone will pay for all the coverage their agent advises, everyone should at least know what they are covered for.

This may seem obvious, but a lack of clarity can lead to litigation and lost clients at the very least. A recent case filed in Houston Division of the United States District Court well illustrates what can happen when carriers and their insureds have different understandings of a policy.

Apache Corporation vs. Great American Insurance Company highlights the importance of everyone being on the same page.

Apache had purchased a “Crime Protection Policy”, which insured against multiple risks including “computer fraud.”

The facts of the case are that an employee at Apache received a telephone call from someone representing themselves as an employee of an Apache vendor asking to change the account funds are routed to when the vendor invoices Apache for services rendered. The person was told to make the request in writing on the vendor’s letterhead, which was then done via email.

Funds were then sent to the new account until Apache was notified by the vendor that it had not been paid. There was no systems breach involved, but computers were used to communicate fraudulent information resulting in the theft of funds.
While litigation is not complete at this point, the courts have thus far ruled in Apache’s favor.

Christine Marciano, president of Cyber Data Risk Managers, an independent insurance agency specializing in data privacy, cyber liability risk, D&O insurance and intellectual property protection, said it is extremely important for both agents and their insureds to understand cyber coverage when it is purchased and before it is needed.
 
“What has become the most important risk to cover, has also become the most important process a company has to get right from the start, and right up to the anticipated insurance claim,” she said. “From assessing and identifying cyber risks and aligning them to cyber insurance coverages, preparing for the cyber insurance underwriting process, enduring the underwriting process, and navigating the plethora of non-standard cyber insurance policy offerings – these and more are what a company is up against when purchasing a cyber insurance policy.  This is why it is crucially important that the broker understands what the policy covers and does not cover before recommending a particular policy to a client.
Otherwise, the broker better understand what their own E&O policy covers in the event they misguide their client,” she said.
 

Keep up with the latest news and events

Join our mailing list, it’s free!