More than half of US businesses now carry some form of cyber coverage, yet take-up rates are not spread equally. According to a recent report from
Marsh Risk Management Research, manufacturing is by far the industry most uninsured against cyber risk in the country – just 8% of companies in this sector purchased standalone cyber insurance last year.
There are actually a multitude of potential exposures in the cyber realm that lie outside of the traditional data breach that can cause financial distress to a manufacturing company. Unfortunately, many firms in this sector – and indeed, their insurance agents – do not realize these risks can be covered by a cyber policy.
“Brokers need to understand that while so much of the cyber conversation focuses on securing data, there are much more significant risks for companies that are in the public utilities or manufacturing sectors,” says Jeremy Barnett, senior vice president of marketing for California-based
NAS Insurance. “These companies use automated systems to run very complicated processes, and something like a pipeline or power grid failure, for example, could have a disastrous effect and be covered by components of a cyber policy.”
Such industrial control system failures are not uncommon. They can affect a wide range of industries, from traditional sectors like manufacturing to areas like transportation, healthcare or consumer appliance – and the effects of these failures can be far-reaching.
Systems data may be lost, property may be damaged and normal operations may be suspended while investigations and repairs are underway. While a property policy can address the costs of repairing the physical environment, Barnett says, a cyber policy fills in the gap in the event of a system outage, and resulting income loss.
“Cyber provides additional protection that may not be covered by a company’s traditional insurance program – it’s a new avenue to consider,” said Barnett. “Many utility companies for instance have physical business interruption coverage, but if the cause of the interruption is from a cyber-related issue, the property policy may not respond. A cyber policy can contribute in this scenario and provide coverage for the loss of income due to the disabling of the operation.”
“The world and technology are changing very fast, and insurance brokers need to begin to consider cyber one of the mandatory coverages for these industry types.”
To learn more about the cyber exposure of industrial control systems, download this free white paper and explore examples of real-world incidents, risk management practices and how cyber and property policies work together to cover these events.
