Many Lloyd’s contracts woefully inadequate on cyber wording
An analysis of almost 400 reinsurance contracts underwritten at Lloyd’s of London has proven that there could be potentially significant vulnerabilities and exposures if a catastrophic cyber-attack was to occur.
The survey of 392 property and casualty reinsurance policies underwritten by three reinsurers at Lloyd’s, proved that at least 40 percent did not contain standard cyber exclusion in the wording, where one of the reinsurers examined not referring to cyber terms at all in 68 percent of cases.
The analysis concluded that in the event of a catastrophic cyber-attack, reinsurers could find themselves open to the full limits on their policies, which were initially intended to cover property damage or casualty lines, as a cyber “hack” is found to be the proximate cause of loss.
“These data are quite revealing, particularly as they follow the Lloyd’s performance management directorate’s recent call for members to work within its ‘oversight framework for cyber-attack exposure monitoring,’” said Laurie Davidson, chief executive officer at Adsensa.
“We used our QA Software to analyse the reinsurance contracts from three managing agents and found that as many as two thirds had no reference to cyber terms at all.
“This was quite a surprise and I imagine very different to how many in the market perceive things; there are at least 20 standard market clause references to choose from and it seems that most would expect their policies to contain the appropriate exclusions so they are not covering unintended perils.”
An effort to imagine cyber catastrophe was recently made by modelling specialists at Risk Management Solutions, who designed a range of scenarios in their recent paper ‘Managing insurance accumulation risk.’
These scenarios included mass co-ordinated data breaches and distributed denial of service (DDoS) attacks on a biblical scale, causing as well as other things, a global collapse in consumer confidence or the theft of billions in assets from financial institutions.
“Cyber-attack is now quite rightly recognised as a potential cause for losses on property policies, business interruption, financial lines and many other types of insurance,” added Davison.
“Although only a small sample was taken for our analysis, subscription markets like Lloyd’s see underwriters sharing business on the same slip so when a minimum of 41% contain no cyber exclusions at all, it will be difficult to calculate probable maximum losses accurately.”
Already registered?
Login to your account
If you don't have a login or your access has expired, you will need to purchase a subscription to gain access to this article, including all our online content.
For more information on individual annual subscriptions for full paid access and corporate subscription options please contact us.
To request a FREE 2-week trial subscription, please signup.
NOTE - this can take up to 48hrs to be approved.
For multi-user price options, or to check if your company has an existing subscription that we can add you to for FREE, please email Elliot Field at efield@newtonmedia.co.uk or Adrian Tapping at atapping@newtonmedia.co.uk