Pay Attention to Exclusions in Cyber Insurance Policies

While cyber threats grow and the cyber insurance market evolves, insurers are regularly adjusting their policy terms and conditions in response to new threats and exposure.

Carriers have amassed nearly a decade’s worth of data and are getting more stringent about underwriting and demanding that policyholders do their share by implementing best practices aimed at preventing cyber attacks and reducing their impacts.

They have also been adding more exclusions to policies, according to a new report by Delinea. The report is a sobering reminder that business owners need to carefully read their policies. The access-management software firm notes that:

  • All respondents to its survey had at least one exclusion in their policy that would void coverage.
  • All respondents had at least one attack-related expense that wouldn’t be paid for by cyber insurance.
  • Businesses should create a “rainy day” fund to pay for situations that won’t be covered by their cyber insurance. The report notes that the average cost of a data breach in 2023 exceeds $4 million.

Exclusions to watch out for

Obviously, the crucial question is: What are the most common exclusions in cyber insurance policies?

Missing security protocols — Insurers require businesses to have certain security protocols in place, such as keeping software and systems updated with the latest versions and security patches, regularly training staff on cyber security and using certain security controls.

Internal threats — Acts by employees, like hacking, cyber extortion, data theft and other illegal or unauthorized activities, are typically excluded.

Human error — If an incident is caused or worsened by a mistake, like misconfiguring or failing to address known vulnerabilities, a cyber claim may be denied as the insurer could argue that the event could have been prevented or mitigated.

Act of war or terrorism — While many cyber insurance policies have these exclusions, courts have increasingly pushed back on them as a pretext for denying a claim after a cyber attack. Often it’s difficult for the carrier to prove it was an act of terrorism or war.

Out of compliance — Misrepresentations or nondisclosure of material information on a cyber insurance application may cause the insurer to deny coverage.

Failure to report an event in a timely fashion — If you fail to inform your cyber insurer of an event within the timeframe specified in the policy, or if you provide incomplete information, the company may deny the claim.

The takeaway

If your firm is hit by a cyber attack, you’ll be doing most of the heavy lifting and you’ll be dealt many expenses to get back to normal.

Respondents to the Delinea poll said that their cyber insurance policies were most likely to cover expenses related to data recovery, although insurers’ definition of that term vary depending on the circumstances.

“For example, say an attacker is holding your data for ransom. Some insurance companies may say they want to make the decision whether to pay the ransom to recover your data (regardless of your preference),” the report states.

The key is to understand your policy’s coverage and have protocols in place to reduce the chances of an excluded event taking place.

If you would like to speak with us call Gary Wallach at 914-806-5853 or click here to email or click here to visit our website.

BGES Group, located in Larchmont, N.Y. are New York Construction Insurance Specialists that represent 50+ companies and all the BEST general & umbrella liability programs!  We offer every coverage you need including property, builders risk, inland marine, general liability, umbrella liability, auto, bid & performance bonds, workers’ compensation, N.Y.S. disability and group health.  We are extremely responsive, responsible, trustworthy, fast, minimize your insurance headaches, we don’t charge ridiculous policy or service fees and when you call, text or email, whatever time of day, even weekends, we are ARE THERE to help YOU! 

BGES Group are Workers’ Compensation Insurance Specialists for Tri-State Business Owners: Unhappy with your rates, company, being cancelled, losses causing difficulty getting coverage, in the middle of an audit dispute, payrolls misclassified, whatever your issue, we can help!  We have special programs for: Auto Service, Contractors (especially New York), Limousine Services, Logistic Companies, Manufacturers, Recyclers, Truckers, we can help ANY tri-state business owner.  We are considered “Preferred Agents” for this one program that if we can get you in, their pricing is excellent, offers long-term coverage stability and can cover multi-state operations. Program takes the hassle out of doing annual audits too.

If you would like to speak with us call Gary Wallach at 914-806-5853 or click here to email or click here to visit our website.

Company: BGES Group, 216A Larchmont Acres West, Larchmont, NY 10538



© – Copyright – 2023 – BGES Group

Posted in Uncategorized.

Leave a Reply

Your email address will not be published. Required fields are marked *