Fraudulent e-mail a ‘real big deal’ in cyber risk
There is plenty of competition in the cyber insurance market but placing a cyber product suitable for a client “can be a challenge” because different insurers offer different products, the author of a recent report suggested Thursday.
International Risk Management Institute announced Thursday the release of the “Cyber Insurance for Healthcare” issue of The Betterley Report.
“Most people seem to think cyber insurance either covers everything in the cyber world, which is far from true, or they think it covers private information breach and the resulting notification costs,” Rick Betterley, president of Betterley Risk Consultants Inc., said in an interview. “The latter can be true but doesn’t have to be true.”
Risks affecting commercial clients could include “inducement through a fraudulent e-mail that convinces an employee to wire transfer some money and it turns out, no it wasn’t the boss that was asking you to do this,” Betterley said. “It was some fraudster. That’s a real big deal now and that’s an option on some of the policies. Sometimes it’s on a crime insurance policy.”
Another cyber risk is network outages, he suggested.
“Outages happen for a variety of reasons,” such as an ice storm that causes power failures, which would be “physical damage business interruption,” added Betterley, who is based in Sterling, Mass.
“But let’s stay instead it was a hacker or let’s say it was somebody who shut down your (web) site until you pay the ransom,” Betterley said. “You can buy that in some cyber polices but a lot of them do not offer that.”
But “some of the better property insurance policies” offer coverage for business interruption caused by something other than physical damage, he suggested.
“Usually in a property policy, if there is no physical damage, there is no coverage but there are some good extensions from some of the better property insurance policies that would cover a cyber-caused business interruption.”
The Betterley Report announced Thursday is actually six reports which can be bought separately or as a package.
“The types of coverage offered by cyber risk insurers vary dramatically,” Betterley wrote in the report. “Some offer coverage for a wide range of exposures, while others are more limited. For the insured (or its advisers), looking for proper coverage and choosing the right product can be a challenge.”
The report “provides an overview of the market conditions and coverage trends related to cyber and privacy insurance for healthcare organizations,” IMRI stated.
“Most insurers offer multiple cyber risk products, so crafting the coverage for each insured requires the best in risk identification and knowledge of the individual cover,” according to the report.