Lloyd’s of London has released a startling report which details how a multi-billion dollar, “catastrophe level” cyber attack would affect the insurance industry and global economy.
The emerging risk report, entitled Business Blackout
, details the effects of a large scale cyber attack on the power grid of the United States and notes that the industry may not be ready for this type of diversified attack.
“One of the key purposes of this report is to highlight various issues of exposure that insurers may face from the growing threat of cyber disruption,” the report states.
“It identifies some key areas of uncertainty and ambiguity that insurers will need to consider, either in their individual policy coverages, or as a part of the broader portfolio.”
Lloyd’s notes that an attack of this type, on a major interconnected system, would have multi-billion dollar ramifications for the insurance industry and wider economy and would present a myriad of challenges for insurers.
“The report also analyses the implications of these direct and indirect consequences on insurance losses. The total of claims paid by the insurance industry is estimated at US$21.4bn, rising to US$71.1bn in the most extreme version of the scenario."
Lloyd’s noted that the “ambiguity” present in many cyber policies would prove highly detrimental in such a large scale attack as insureds would be unsure of their coverage which could lead to all manner of problems.
“Insurers are also realising that the cyber threat has the potential to generate claims from lines of insured business where cyber damage is not an explicit cover,” the report states.
“This ‘silent’ cyber exposure refers to instances where claims may arise under an all risks cover.
“Insurers may not realise the extent of their exposure to this emerging threat class, and may not have charged premium to cover this aspect of the risk. Insurers may be holding more cyber exposure in unexpected lines of business in their portfolio than they realise.
“We suggest that it is clearly in the interests of insurance companies and their corporate customers to clarify the situation, and to be clear about what is and what is not covered.”
Lloyd’s warn that any insurers that take a blinkered view of cyber risk do so at their own peril as the interconnectivity of industries in the modern world mean a threat is difficult to contain and could lead to claims from all business types on a vast number of policies.
“A cyber attack of this severity is an unlikely occurrence, but we believe that it is representative of the type of extreme events that insurers should assess in order to understand potential exposures.
“One of the key features of cyber risk brought to life by the scenario is the broad reach of a major event: insurers should consider cyber attack to be a peril that could trigger a wide range of economic losses.”
To read the full report, click here