Cyber Liability Insurance: Ensuring Adequate Coverage In The Age Of E-Commerce

Originally published on CyberInquirer.

I. INTRODUCTION: INSURANCE PRODUCTS FOR CYBER RISKS

Increasing reports of cyber intrusions, data theft and computer system malfunctions have led a rapidly-growing number of companies to purchase insurance coverage to protect themselves from technology and cyber privacy risks. Indeed, as our technology-driven economy continues to evolve and businesses become more reliant on electronic communication and data storage, they are developing a heightened awareness that an unauthorized intrusion could endanger their tangible and intangible assets (including their intellectual property) and, in many cases, their reputations and abilities to conduct business. As such, prospective policyholders are becoming more cognizant of the necessity for insurance covering such growing exposures.

Still, there is significant uncertainty about the nature and scope of insurance products which might cover a company's technology and cyber privacy risks, whether the entity is in the technology space or in a vertical that uses technology to run its business operations. While businesses and their insurance brokers typically are knowledgeable about insurance policies covering traditional general and professional liability exposures, today's online-society introduces new dynamics, many of which are not covered under traditional general and professional liability policy forms. The growing number of technology and cyber products offered throughout the global insurance markets highlights the importance of the insurance brokerage community and the value of a sophisticated broker who can perform a thorough analysis of a policyholder's insurance needs, and who can work with underwriters to obtain and tailor insurance policies to meet those needs.

Many policyholders are surprised to learn that a standard CGL policy likely would not apply to a technology or cyber privacy claim, notwithstanding that the form typically includes coverage for "property damage" and "personal and advertising injury." More surprisingly, some insurance brokers are not aware of a CGL policy's limitations or their clients' needs for a comprehensive multi-line insurance program. But, such is the nature of our changing society and a client's evolving insurance needs.

A. Cyber Risks as "Property Damage"

A typical CGL policy defines "property damage" as "physical injury to tangible property, including all resulting loss of use of that property." While it is well- and...