Cyber Insurance: The anatomy of a claim

Cyber crime in the UK is a multi-billion pound business, but still many SMEs are falling behind when it comes to cyber security and insurance cover aimed at both mitigating risks and providing financial redress in the event of a cyber event occurring.

One of the reasons at least partially behind this poor uptake of cyber insurance is a lack of suitable products available on the market, as well as a lack of understanding from some brokers of both the products and the risks their customers are facing.

One of the big areas where brokers are lacking knowledge is around claims, and what happens once a data breach or other cyber event has taken place.

To help address this knowledge imbalance, Insurance Times spoke to specialist cyber cover provider CFC Underwriting’s James Burns to talk through some real life examples of cyber attacks and what the proper process is for handling a claim when the worst happens.

Case Study One: The importance of back-ups

This first case study really emphasises the importance of backing-up systems. And checking those systems are working correctly.

CFC Underwriting was providing cyber cover for a two-man firm of architects, and while they didn’t store and collect a lot of personal sensitive information, they did store a lot of intellectual property on their computer systems.

They first notified us in May 2017 that they had been hit by the WannaCry malware programme, which encrypted their entire server. But as they had a third-party IT contractor maintaining automated backups they told us that the notification of the attack was just for information purposes and that they would not need to be making a claim at that time.

Fast forward five or six months, however, and we received a call from a panicked broker informing us that the backups had failed and the insured was unable to retrieve any of their information.

While the information they stored on their servers was not needed on a day-to-day basis (it had taken them almost half a year to realise they couldn’t access the data), the designs and other intellectual property they did have on their server was vital for the ongoing viability of their business as specialist architects, as they used their old designs as the basis for new projects.

When CFC’s in-house team spoke to the third-party IT provider it was revealed that the automated backups had been failing unnoticed for three years, meaning that all project data created over this time was lost.

While most cyber insurers will provide cover for recovery or replacement of data, this is usually only up until the data is deemed unrecoverable, which it was in this case.

CFC’s policy, however, also provides cover for restoration of unrecoverable electronic data. In this case it meant recreating the data from scratch. To achieve this, CFC hired a team of specialist architects to recreate the data under supervision of the insurers, eventually paying out a total of just under £300,000 to settle the claim.

This large claim demonstrates just how important cyber cover is for SMEs, even if they don’t think they face any exposure to a possible data breach, and brokers must ensure that they use examples such as this to help sell products to new customers.