...a distinction among losses attributable to property, equipment breakdown and cyber perils — and to have policies cover losses on the basis of what caused the loss.
For example, some sample cyber policies reviewed for this article explicitly exclude coverage for losses arising from damage caused by “natural” or “physical” perils. Presumably, the intent is that those losses would be covered under a property policy and its accompanying business interruption coverage.
Whether carriers are succeeding in maintaining the distinction based on perils or whether it is ultimately worth trying, remains to be seen.
For one thing, there’s the usual challenge of determining the cause of a loss from a pile of rubble or a smoldering ruin. Beyond that, one wonders if peril-based distinctions can be sustained if loss mitigation and loss recovery are more related to the damaged property than to the peril.
For example, there are many organizations today whose value lies almost entirely in information stored and utilized electronically; the value of their buildings and personal property may be almost incidental by comparison. A cyber loss could be devastating to such an organization — and the means for mitigating and recovering from the loss would generally be provided by or in conjunction with the cyber insurer.
Yet if the cyber loss arose from a property peril, the property carrier would generally be liable under the prevailing industry approach for paying recovery. That recovery could be woefully insufficient (from the insured’s perspective) if it falls under one of the often-low sublimits for damage to data found in standard income coverage forms.
For purposes of this article, we consider the following forms:
The ISO and HSB forms were published in a compilation of policy forms published by The Institutes; the cyber forms were provided by national wholesale broker Tennant Risk Services, Hartford, Conn., under the condition that proprietary policy provisions be kept confidential.
The four cyber policies referenced here are not typical of that evolving market, according to Tennant’s President and CEO Robert Sargent, who says they offer more comprehensive coverage than most cyber forms.
“Cyber policy forms are far from standard,” he cautions. “Many offer severely restrictive and confusing coverage, which will not be helpful to adjusters. And because the market is so new, there is a fair amount of coverage customization going on.”
Indeed, other cyber forms reviewed for this article did not appear to offer income coverage at all.