Broker warns energy firms are ‘disproportionately targeted’ by hackers

Marsh has launched a cyber gap policy for energy companies, warning it is only a matter of time before the industry suffers catastrophic damage to facilities or energy supplies from a cyber attack.

Bodily injury, property damage and business interruption arising from a hacking event are all excluded from standard commercial insurance policies, the broker said.

But Marsh’s said its Cyber Gap Insurance would “close this gap” by paying claims if they were denied because of cyber risk exclusions.

The policy was developed with insurers in the London and European markets and industrial control system security specialists.

The launch came as Marsh warned that global energy companies were being “disproportionately targeted” by increasingly sophisticated hackers.

Marsh EMEA energy practice leader Andrew Herring said: “To date, the cyber-attacks directed at the global energy sector have largely been untargeted and data-driven, as companies and individuals have attempted to gain access to personal or sensitive financial data.

“However, the nature of the threat is changing and energy firms are now the target of increasingly sophisticated cyber-attacks. The disproportionate rate at which the sector is targeted means it may only be a matter of time before we experience catastrophic physical damage to facilities or disruption to supply as a result of a cyber-related event.

“Marsh’s Cyber Gap Insurance closes the gaps in existing coverage that have existed for over a decade, enabling energy firms to develop and implement more comprehensive risk mitigation and risk planning strategies to protect their people and assets.”

The policy is aimed at companies which spend over $250,000 (£146,000) on premiums each year.

In April AIG launched a policy to cover physical damage to people and property caused by cyber attacks.