Bodily injury and property damage exclusions in cyber insurance policies means the Internet of Things has “big implications” for organizations, while malware that existed unbeknownst to a user before binding a policy can mean a cyber incident is not covered, speakers suggested at a conference Friday.
Speaking at the 3rd Annual International Cyber Risk Management Conference, produced by MSA Research Inc., was Joshua Gold, a lawyer and shareholder at New York law firm Anderson Kill, who has represented policyholders in insurance coverage disputes in the U.S.
“A lot of the cyber policies I have seen are for the most part geared towards liability or exposure or notification costs of having to address a breach of sensitive information, whether it’s customer information, or maybe some internal sensitive financial information of the company itself,” Gold said. “But I think we are going to see this whole shift back to what insurance used to insure as the primary focus – property damage and bodily injury coverage. That’s got really big implications, because a lot of cyber policies will have a bodily injury and property damage exclusion.”
With the Internet of Things, Gold suggested, hackers can disable safety mechanisms on vehicles and machinery.
“All of these kinds of catastrophic risk exposures out there that you are hearing about, it’s going to be interesting what the reaction is from the insurance industry,” Gold added.
To read the full article: Smalls firms wanting cyber coverage should "hold an inventory" of personally identifiable information: Chubb