Cyber insurance is on its way to solidifying itself as a “must buy” product; according to a recent Advisen survey, more than 64% of companies have purchased a cyber insurance policy and even more are considering it.
And while that’s great for insurance producers’ pocketbooks, many in the business are still rather hazy as to how cyber insurance works and how it interacts and overlaps with other commercial policies. Two recent court cases highlight the confusion.
The first involves a federal court decision in April, which held that an insurer must defend its commercial general liability policyholder in legal defenses it mounted following a data breach in which hackers were given access to private records. The decision made a case for some cyber coverage in the CGL, though industry experts still agree that policyholders – and their agents – are safer with a standard cyber policy.
The second case, Apache Corporation vs. Great American Insurance Company, involved the use of a computer to communicate fraudulent information resulting in the theft of funds. While litigation is not complete, courts thus far have ruled in favor of the insured, which claimed it had coverage through its crime protection policy.
While both cases, thus far, have found coverage for the insured, an opposite verdict could lead to errors and omissions lawsuits on the part of the producer, which either failed to advise on the importance of cyber insurance or misunderstood the policy themselves.
Christine Marciano, president of Cyber Data Risk Managers, an independent insurance agency specializing in data privacy, cyber liability risk, D&O insurance and intellectual property protection, said it is extremely important for both agents and their insureds to understand cyber coverage when it is purchased and before it is needed.
“What has become the most important risk to cover, has also become the most important process a company has to get right from the start, and right up to the anticipated insurance claim,” she said. “From assessing and identifying cyber risks and aligning them to cyber insurance coverages, preparing for the cyber insurance underwriting process, enduring the underwriting process, and navigating the plethora of non-standard cyber insurance policy offerings – these and more are what a company is up against when purchasing a cyber insurance policy. This is why it is crucially important that the broker understands what the policy covers and does not cover before recommending a particular policy to a client.”
Otherwise, she said, the producer better understand what’s covered in his or her E&O policy.
The advent of cyber should have producers both double-checking their coverage and reassessing it. R.E. Chaix, which offers agent E&O, says claims have been increasing from policyholders, carriers and third parties.
“Sound advice does not guarantee that agents are immune from litigation,” the company said. “According to current trends, 1 in 7 agents will be involved in an Errors & Omissions claim once during their career.”
