The way insurers define words could affect the way cyber insurance works for businesses
How insurers define certain words may end up shaping cyber insurance as a whole. Winn Schwartau, CEO of The Security Awareness Company, recently spoke at, SC Congress Chicago where he suggested that definitions could play a major role in how cyber insurance works for businesses both large and small. Cyber attacks are classified through various terms, such as attacks, controls, and in extreme circumstances, wars. The way insurers define these terms could be a problem for businesses with cyber insurance in place.
Definitions have a major role to play in the insurance industry
In the case of the term “war,” insurers may not have to provide coverage for these attacks, since an act of war is not generally covered by insurance companies. Another issue exists with the term “control.” If a business falls victim to a cyber attack issued from a USB device that has been infected with malware, cyber insurance policies may not kick in depending on who actually had control of that USB device at the time. Insurers are often quite careful with how they define certain terms, and this may have an impact on whether or not businesses can use their cyber insurance coverage to cover whatever losses they may face in the wake of a cyber attack.
Some cyber insurance policies may be redundant for large businesses
Notably, businesses often have a wide range of insurance coverage in place in order to mitigate whatever losses they may see. As such, businesses are often encouraged to speak with brokers in order to determine whether or not they have an appropriate level of coverage. Because of the policies they already have in effect, some large businesses may find that certain types of cyber insurance is redundant. Meeting with brokers can resolve any coverage issues that businesses might have in this regard.
Businesses need to ensure that their insurance policies are renewed on time
One major issue facing businesses today is the fact that cyber attacks are not always immediate. In some cases, storage devices that contain confidential information are lost without being immediately evident. In these cases, those that have stolen these devices could wait years before actually exploiting the information stored on the device, during which time a company’s cyber insurance policy could be allowed to expire, exposing them to significant risks.