In today’s digital age, war also means cyber-war. Russia’s invasion of Ukraine is likely to result in a multitude of cyber-attacks and many cyber coverage battles. Email attacks from Russia are already on a surge and carriers are carefully looking over their coverage and preparing for this cyber-war.
“War exclusion” or “hostile act exclusion” generally means that insurance carrier will not defend against acts of war. This language is typically built into cyber insurance policies. Insurance carriers are already working to tighten their war exclusion language to deny coverage.
Earlier this year, Lloyd’s of London released new variations of cyber war and cyber operation exclusion clauses. Lloyd’s Exclusion No. 1 states that the insurer will “not cover any loss, damage, liability… directly or indirectly occasioned by, or happening through or in consequence of a war or a cyber operation”. This means that if a company is the target of a cyber-attack, for example a new malware threat that is attributed to the government, the insurance carrier can deny coverage.
In the event of an attack, it is important to remember that when reporting a claim, only report what you know for sure, anything said could be used as a basis for acceptance or denial of coverage. If you’re hit with a new variant of malware or ransomware, don’t hesitate to get an independent expert, or an independent counsel to assist you with the process.
If you don’t have cyber insurance in place, now is the time to do so, and be picky about who you choose. If you do have coverage, ask your carrier about these exclusions, and give it a closer look.