If you think that construction companies are relatively immune to cybercrime, consider this. The hackers who stole more than 40 million credit card numbers from Target in December 2013 did so by stealing and using login credentials from an HVAC systems company doing work at multiple locations for the giant retailer.
Cybercriminals are becoming more sophisticated, and attacks are becoming more frequent and costly. As a result, insurance carriers are moving away from covering cyber losses under traditional liability or crime policies. Instead, they are moving toward standalone policies or adding special endorsements to existing policies.
Nothing Is “Standard” When Cyber Insurance Is Involved
Unlike other types of insurance that have fairly standardized language from carrier to carrier and form to form, cyber coverage is relatively new. The language is still in flux and very nuanced, and many differences exist from one underwriter to another. It is critically important to know what your coverage provides—and what it doesn’t.
Think about this example. Your company is insured against losses directly attributable to the use of a computer. Someone masquerading as the company president sends an email and directs an employee to wire tens of thousands of dollars to an account for a big business deal. The employee dutifully obeys without question. Later, the company discovers that the president didn’t know anything about the request. The money is gone, and the insurance carrier won’t cover the loss: an employee was directly responsible for the loss, not a computer. Think this doesn’t happen? Read our case study.
Does Cyber Insurance Make Your Business Safer?
In a way, investing in cyber insurance can make a company safer. To purchase cyber coverage, a business typically is required to answer a lengthy list of questions about its technology practices and to put security standards, processes and safeguards into place to protect itself from those intent on doing harm.
Again, though, it is important to thoroughly understand the coverage language. For example, if a company’s technology department fails to install one patch or make one update, the company could lose its insurance coverage. Humans fail. Mistakes happen. Make sure your policy is written with that in mind.
Experience Matters When Purchasing Cyber Insurance
Cyber coverage is complicated. A broker with a dedicated cyber practice is in the best position to help you understand the protection you currently have, where gaps exist, and how to make sure endorsements work together with your standard coverage.
To learn more about managing and insuring construction risks, listen to these “Construction Risk and Insurance Roundtable” podcast episodes or contact your local Hylant risk management expert.
The above information does not constitute advice. Always contact your insurance broker or trusted adviser for insurance-related questions.