9th October 2018/ CFC NEWS
Cyber claims case study: Software shutdown
This month’s cyber insurance claims case study tells the story of a property management company that fell victim to a ransomware attack, putting an end to their primary software system.
Fortunately, their CFC cyber insurance policy helped to cover the costs of implementing a new software system, including large-scale data re-entry, as well as the shortfall in income caused by customers cancelling their contracts as a result of the cyber event and the service performance issues that stemmed from it. Read the full case study here.
The key takeaway points are as follows:
- Cyber insurance policies have historically offered relatively short indemnity periods under the business interruption section – usually 3-6 months as standard. However, it is becoming increasingly clear that the operational impact of a cyber event can be felt for much longer than a 3-6 month period would allow for.
- In this instance, the full reputational impact of the cyber event was not felt until after the 3-6 month indemnity period that you would find on many cyber insurance policies. The policyholder had a 12-month indemnity period in place and this enabled them to pick up the majority of their business interruption loss under the policy. Had the insured only had a 3 month indemnity period, however, they would not have been covered at all, as all of the cancelled contracts fell outside of this period.
- Businesses that receive their income on a contractual basis could be more exposed to BI losses, as the cancellation of monthly or annual contracts could very quickly result in sizeable financial losses being incurred. Businesses that receive their revenue in this way should consider factoring this in when selecting an appropriate limit for their policy.
- Having legacy systems in place could also increase a business’s exposure to a cyber event. The fact that this insured used a superannuated software system meant that they were especially vulnerable, as it soon became clear that it was not possible to restore their software and resume their normal service. Other businesses might have had their server encrypted in just the same way, but if they were using modern software packages they would most likely have recovered much more quickly.
Want to learn more about business interruption and indemnity periods? Read the first post in our BI blog series here.