Stephanie Snyder Frenier is Senior Vice President of Professional and Cyber Solutions Practice at CAC Specialty. Stephanie has over 18 years of experience engaging with clients and prospects to develop bespoke cybersecurity and technology errors and omissions risk transfer solutions, while supporting the strategy of marketing and sales.
There is much talk in the cyberinsurance industry about the challenge of systemic risk, and many insurers have announced their intention to address these exposures with new policy language.
However, most carriers have already taken steps to address certain aggregate risk elements by limiting the scope of Cyber Business Interruption (BI) coverage.
BI is the most challenging part of cyber underwriting, as it requires understanding an insured’s resilience to a cyber attack, including incident response, business continuity, disaster recovery, as well as dependencies within the IT and non-IT supply chain.
There is a significant amount of variation in the cyber BI coverage offering on the market. Here are five BI coverage items to consider when purchasing cyber insurance:
1) Duration of the waiting period
Before the hard market, wait times could be as little as 8-10 hours for most policyholders, whereas with the tough market conditions of 2021 some carriers have started to push for wait times. waiting 24 hours or more.
The market standard is 12 hours, which is generally available in today’s moderator market.
2) Applicability of the waiting period
It is important to consider how the waiting period works.
Many carriers use the waiting period as a “qualifying period” for coverage, and once the business interruption reaches the duration of the waiting period, coverage is triggered and then dollar retention is then applied to the first minute of loss.
Other carriers use the waiting period as a retention in terms of the amount of loss incurred during the duration of the waiting period.
In this case, carriers tend to apply the “greater” of the dollar amount of loss due to business interruption during the waiting period or the dollar amount of retention, whichever is greater.
3) Period of compensation
This is the period the carrier will compensate for business interruption, as defined, and can vary from as little as 90 days to as long as 180 days.
Typically, this takes into account additional expenses incurred by the insured during the business interruption as well as any associated loss of income.
In some policies, an extended indemnity period may be available to account for continued loss of income resulting from business interruption.
4) Dependent activity interruption
Carriers continue to be concerned about the extent of dependent business interruption (DBI) coverage and are working to clarify what constitutes a “dependent business”.
Dependent businesses generally include IT service providers (including cloud service providers) that the insured depends on to operate their IT networks.
During the pre-2020 cyber insurance soft market, cover was also available for non-IT vendors, but this has largely been eliminated given the potential for loss and lack of underwriting perspective in the insured’s supply chain.
In addition, insurers seek to define dependent businesses only as those under contract with the insured.
5) Sub-limits
One of the ways carriers protect against loss aggregation from business interruption is by applying sub-limits.
Although full limits are generally available for DBI coverage related to a security failure, many carriers still apply sub-limits for DBI related to a systems failure (a technological failure not due to a breach).
However, the challenge with subboundaries is with any excess placement, in terms of ensuring that excess carriers follow the subboundary in their layer, and otherwise recognize erosion of the underlying boundary.
As the cyber insurance market continues to work to clarify systemic risk coverage, buyers should expect the above coverage elements to be reviewed by insurers.
A good broker’s job is to help buyers understand the nuances of cyber coverage and ensure the terms of the policy make sense in relation to business operations and other lines of coverage. which may apply (such as ownership).
The more information buyers can include in the quote, the easier it is for underwriters to understand business interruption risks and offer better coverage terms. &
#Cyberspace #business #interruption #coverage #simple #key #mind