Cyber risk top of mind for executives in North America
CNA Hardy’s November 2018 biannual Global Risk and Confidence Survey (Survey) revealed that North American executives view cyber risk as the second largest risk their companies face, followed closely by technology concerns.
Technology frequently takes up a large proportion of companies’ overall budgets. And as labour costs increase, technology investment, with its ever-advancing development of artificial intelligence and robotics, is being viewed as a catalyst for growth. Technology risk in the Survey is defined as “the risk of IT system failure, disruption from new tech-enabled competitors or start-ups”. And, according to the Survey, companies are also cognizant of the inherent risks that technology presents, including the rising scope for disruption that a cyber-attack or data breach could create. The Survey states that respondents are aware of the full range of cyber threats that their companies could be exposed to, including ransomware, identity theft, security breaches, data loss, regulatory compliance and cloud security.
Technology and cyber risk go hand-in-hand, as witnessed by their close risk rankings in this Survey and the intrinsic cyber risk that technology investment and dependence creates. Looking forward to the Survey’s North America predications for May 2019, cyber risk is anticipated to move into the top spot, with a whopping 48% of respondents ranking it as their number one area of concern.
Cyber liability insurance contains valuable first party coverage that can help businesses mitigate the financial effects of both technology and cyber risk. Namely, system failure coverage has expanded in recent years, with some carriers now offering coverage on a blanket basis for operational downtime experienced as a result of any non-malicious event. Business interruption stemming from a cyber security incident at the insured’s business, or at the insured’s service provider, continues to be among standard cyber coverage offerings. If a company is faced with a ransomware attack, cyber insurance may respond to provide both the cost of the extortion payment, if determined that this is the most preferable option, as well as any additional costs to terminate the threat, including fees charged by IT forensic experts. Finally, should a company be faced with a data breach, cyber insurance could respond not only to provide valuable breach response services and indemnity for notification and credit/identity theft monitoring costs, but also third-party liability coverage for settlement and judgment amounts, as well as legal fees, in the event that the organization later faces a civil lawsuit or regulatory investigation or proceeding.