Pandemic crisis sparks tougher cyber risk scrutiny
Insurers are set to take a tougher stance toward assessing cyber coverage risks as the coronavirus pandemic causes hackers and criminals to become more active, Marsh executives said in a webcast briefing with clients today.
Cyber Practice Leader Pacific Kelly Butler says unlike other classes there has not been a move to COVID-19 related exclusions, but insurers are looking more closely at each firm’s situation and how well-placed they are in the new environment.
“Cyber policies are very broad,” she said. “What I anticipate is the coverage itself won’t change [but] they will very much look at an individual risk and decide the coverage they will put on any of those individual risks.”
Insurers are asking COVID-related questions and clients should be prepared when policies come up for renewal, she told the briefing.
“You can expect insurers will be looking at your overall business resilience in much more detail than they have in the past,” she said. “They will also want to know how our greater dependence on technology affects your ability to be able to respond if there is a disruption.”
Ms Butler says the Marsh is very closely monitoring cyber cover being provided from a global perspective, but there has not been discussions with insurers regarding exclusions.
The Australian Cyber Security Centre has highlighted the fact that cyber criminals are targeting the community through an increasing number of COVID-19 scams, fraud attempts and deceptive email schemes.
Since March 10 the centre has disrupted more than 150 malicious coronavirus-themed websites, with assistance from telecommunications providers, Google and Microsoft.
Marsh Head of Strategic Risk (NSW/Queensland) Ben Crowther says firms now may have most of their employees working remotely under arrangements organised rapidly, and many people are using their own home equipment and infrastructure. Interest in clicking-on latest information on the outbreak can also increase risks
“There is an incredible amount of cyber activity going on at the moment, all because of this crisis, and hackers and cyber actors making the most of this,” he told the briefing.
The level of sophistication around cyber security threats is high, and often there is the risk information can be stealthily collected for months before a breach is recognised, he says.
Current remote working arrangements, and their success, has generated discussion over whether organisations will completely revert to previous ways of operating as the pandemic subsides.
“I think the new normal is likely to involve a lot more of what we are doing right now,” Mr Crowther said. “Some of those risks associated from working from home are still going to be as valid.”