Canadian Underwriter

Do your cyber clients have buyer’s remorse?

April 11, 2019   by Jason Contant

Print this page Share

Are you spending a lot of time dealing with “coverage leakage” and buyer’s remorse as it relates to cyber insurance?

For smaller claims in particular, some clients may not have a cyber policy, but may try to recover out-of-pocket costs through traditional property policies, for example. One instance would be electronic vandalism coverage – where somebody puts malicious code onto a server or computer network. However, if the client has a lost laptop situation, that coverage wouldn’t respond.

“What we are seeing is people bring us these losses and try to pound those square pegs into the round hole,” said David Clark, major case specialist of liability claims with Travelers Canada. “They’re painfully aware that they don’t have the insurance they wish they had. It’s at that point they wish they had the cyber. They’re now looking for cover. It can be a very frustrating claim experience for our insured, and the brokers see that too.”

Clark was one of the speakers at NetDiligence’s Cyber Risk Summit in Toronto last week. He was on the panel 2018 Claims & Losses Update discussing some of the types of cyber claims being covered.

Clark noted that in some cases in limited circumstances, depending on the policy wording, there could be “coverage or partial coverage, but don’t look for total coverage.” For example, a client may have coverage for electronic vandalism coverage, but not for a breach coach (to help manage a breach event). “What about notification costs?” he asked. “None of that is going to fit, even if there is some coverage available to help rebuild your systems in part.”

In some cases, there may be some client pushback regarding deductibles, for example. “I don’t know what to say to that,” Clark said. “You bought an insurance policy with a $50,000 or $100,000 deductible or whatever, that’s what the policy provides for. It’s led to some interesting discussions, particularly since Nov. 1, when mandatory breach reporting came in as a law in Canada.”

As more cyber products come into being and clients purchase them, Clark predicts there will be less coverage discussions. “But we are having a lot of them,” he said of the current situation. “We’re spending a great deal of time on our claims around these issues. These are very real circumstances and very real tough calls that I know our insureds are making at their shop and we’re obviously trying to help them.”