Many insurance companies are stuck between that proverbial “rock and a hard place” when it comes to cyberattack claims. Those increasingly issue from commercial policyholders who have generalized risk policies rather than specific cyberattack coverage.
On the one hand, a claimant might demand payment for damages based on “all-risk” policy language covering business losses. A commercial client might simply argue that generalized language is sufficient to ensure payment on a claim because it is inclusive concerning damage sources.
On the other hand, though, such language is arguably imprecise and should not require payment for losses from what is a singular and unprecedented threat.
One insurance expert in a recent CNN article on cyberattacks and the stark challenges they pose for commercial insurers stresses that a cyberattack spells a business challenge unlike any other.
“There is a myriad of ways in which a cyberattack can cause financial loss,” he says.
Indeed, policyholders routinely spotlight equipment damage, lost down time, alleged harms suffered by users and more. Collectively, those money demands can spiral into multi-billion-dollar claims.
The CNN piece notes that insurers are understandably challenged to the core by policy claims grounded in cyberattack allegations. And they are especially concerned with policy language “written at a time when nobody could have predicted that these attacks would happen.”
Cyber threats might reasonably be deemed the preeminent concern for commercial insurers globally. Questions concerning this newly emerging and challenging subset of the insurance industry can be directed to attorneys at an established insurance defense law firm.