Imagine this: You’re working from home, like many others during the COVID-19 pandemic. Your children are also home, remote learning. One of your kids falls prey to malware, infecting your entire network with a virus. Your at-home business’s website is shut down for eight hours. You sigh a breath of relief, thankful that your insurance will cover the costs… or does it?
Cyber insurance is a topic that many insurers and customers have struggled to grasp, not understanding the full depth of this newer product line. For years, cyber coverage has been gradually emerging from the industry’s shadows, appearing as endorsements to existing products and eventually becoming a stand-alone product. However, with this new line comes the need for education so carriers and customers can understand the benefits and value of cyber coverage.
During a webinar for the 2020 Property Insurance Report Online Conference, four insurance thought leaders gathered to discuss ways to find a practical footing regarding cyber insurance. Moderated by AAIS’s Patrick Sullivan and featuring Berkley Re’s Jeffrey Cron, Cyber Fortress’ Alex Tsetsenekos, and Cyber Policy’s Keith Moore, the conversation quickly focused on the growing need for cyber coverage.
COVID-19 and Impact Online
Cyber liability sees peak insurer interest at the beginning of the year, typically during January and February. In 2020, interest in cyber coverage rose dramatically in March as an influx of people due to increased work-from-home scenarios in response to the first wave of COVID-19. In fact, cyber endorsements are up over 150% year over year.
As the pandemic has continued and businesses have realized the inherent value in a location-flexible workforce, cyber risk has continued to take hold. But it’s not without challenges as confusion around cyber risk has now shifted to the blurred lines created by remote work– where is the line drawn between personal and commercial coverage?
Silent Cyber
Silent cyber refers to digital exposures that occur under policies not intended to cover cyber, such viruses attacking company’s website through its remote workforce. Silent cyber creates issues for personal lines because there’s a blurred line between what is and isn’t covered. With a rise in remote work and home-based business combinations, insureds and insurers are unsure where personal and commercial cyber coverage begins and ends. These blurred lines are essential to distinguish and decipher, as it’s important that insureds know what is covered and what is not.
Commercial line providers see silent cyber as less of a hurdle, as long as insurers continue to be “direct, forthright, and clearly denote what is covered, and what’s excluded on an admitted and non-admitted basis,” according to Mr. Tsetsenekos.
To solve silent cyber, Cron suggests carriers be explicit: anything work-related is not covered in personal lines cyber policies…there’s a separation of home and work.
The Future of Cyber Insurance
So, what does the future of cyber insurance look like? Well, according to Mr. Moore, there will be increased acceleration and experience in commercial, mostly the small commercial space first, as commercial sales are up more that 33% in sales in 2020. Eventually cyber will work its way into the Personal Lines industry. Mr. Moore adds that risk wasn’t created by having a work computer on the home network; its created by ‘instances’ such as children accidentally opening malware and exposing the business. These are the types of instances that will force the personal lines cyber industry to partner with more companies, as creating cyber products themselves will be hard. With a COVID-19 vaccine in distribution, we may start seeing a return to a semi-normal work life, while some suspect a remote or hybrid workstyle will be adopted by many. The only cure for silent cyber, however, is transparency and clarification, something that insurers will need to play closer attention to. As long as cyber threats continue to emerge and expand, silent cyber will continue to persist.