1871 Blog

Guest Blog: 3 Considerations While Selecting Cybersecurity Coverage

Written by 1871 | 4/29/20 4:42 PM

Guest Author: Aon

As entrepreneurial and growth-stage business communities grapple with the virtual workplace and remote work styles, connectivity has become necessary lifelines for business to continue in a pandemic environment. The heightened reliance upon technology escalates cyber security considerations and brings increased focus on the scope of cyber insurance and professional liability coverages in a dynamic global insurance market.

A careful review of both existing coverages and emerging market offerings can help insureds confidently assess their cyber and technology-based risk transfer strategies in a new remote-dependent business world. Here are a some considerations while selecting the cyber coverage that’s best for your company:

1. Existing Insurance May Already Address Cyber Risks Amplified by the Remote Workplace

Although the need to work from a distance has transformed useful technological alternatives such as remote login, video connectivity and the ability to conduct business on personal devices to business necessities, many cyber and professional liability insurance policies already contemplate coverage for the risks attendant to these now critical technologies.

Both stand-alone professional liability policies and cyber policies with technology errors and omissions (E&O) insuring agreement may insure against many of the types of third-party liabilities that may arise out of technology services that many businesses may be providing in greater volume during the pandemic. Insureds should review key policy definitions such as professional services or technology services to determine whether any new or augmented service offerings in the current environment are contemplated.

Increased technology reliance also brings increased opportunities for hackers and network security incidents which may trigger third-party and first-party losses. While the risks may have increased as the use of these technologies has scaled, the exposure is not necessarily new as many cyber insurance policies typically provide coverage for these events including coverage for ransomware demands, incident response costs, network security liability, privacy liability and regulatory liabilities. Likewise, first-party costs may also be a part of many robust cyber insurance policies, including income loss and extra expense from network interruption or contingent business interruption, as well as data recovery and restoration costs and income loss from system failure.

2. Critically Assess New Exclusions and Policy Wording

Insureds should pay careful attention to new exclusions that insurance markets may offer both during and following the COVID-19 pandemic. For example, language seeking to exclude “any” losses or claims “arising out of” or “related to” COVID-19 should be avoided, or at a minimum, negotiated so that losses and claims intended to be covered are not excluded simply because they are occurring during the pandemic. Similarly, an exclusionary effect can accompany changes to definitions which attempt to narrow what is in-scope as a “professional service,” or what constitutes a “computer system.” As a result, insureds should work with their broking team to critically analyze the impact of any proposed wording changes given the new necessity of conducting business in a remote work environment.

3. Companies should consider the following as they review coverage during the COVID-19 Pandemic:

  • Assess changes to business activities and technology partners to determine whether such circumstances are contemplated by the scope of existing insurance policies.
  • Work with your broking team in advance of a renewal to determine whether any desired language amendments would be appropriate to help meet evolving remote business activities.
  • Critically analyze any proposed language changes or new exclusions from insurance carriers and seek to resist efforts by insurance carriers to use the COVID-19 pandemic to restrict or remove core coverages traditionally offered in many cyber and professional liability insurance policies.
  • Seek to negotiate the narrowest wording possible on exclusions, avoiding broad terms that may lead to overly broad application of exclusionary wording.

Learn more by downloading the 2020 Cyber Security Risk Report – Solving The Cyber Puzzle: The Unexpected Ways Cyber Risk Impacts Your Business.

 

About the Author: Aon

Aon plc (NYSE: AON) is a leading global professional services firm providing a broad range of risk, retirement and health solutions. Our 50,000 colleagues in 120 countries empower results for clients by using proprietary data and analytics to deliver insights that reduce volatility and improve performance.

Follow Aon on Twitter and LinkedIn. Stay up to date by visiting the Aon Newsroom and hear from Aon’s expert advisors in The One Brief. Sign up for News Alerts here!