Cyberinsurance policies are not the only sources of coverage for businesses that fall victim to cyberattacks, two Anderson Kill PC attorneys said Thursday, noting that commercial general liability and property policies have also been found to cover such incidents.
In a webinar presented by Anderson Kill, which represents policyholders, shareholder Josh Gold explained that the cyberinsurance market has gotten tougher over the past year and will continue to do so with rising renewal costs, more rigorous underwriting and less generous coverage for claims.
"Policyholders are going to have to push harder and be more vigilant in securing their insurance coverage," Gold said. "It's a sad truth, but it is maybe one that is going to be reality for numerous policyholders."
"The fact of the matter is that policyholders often will have coverage under other policies," he said, explaining that property insurance policies may specifically mention coverage for data and computer systems.
Because not all ransomware attacks deal with the corruption or theft of data, Gold said, policyholders should implement an "all policies on deck" mentality to ensure that losses are covered. For example, operating technology, such as machinery used for manufacturing, can be subject to a ransomware attack, Gold said, so coverage under other policies could be triggered.
The lack of standardization in the cyberinsurance market is also cause for concern, Gold said. He pointed out that even policies offered by the same carrier can have different coverage limits.
Healy and Gold also explained that businesses shopping for cyberinsurance should be aware of sublimits, which can reduce available coverage amounts.
Read the full Law 360 article here.