Business interruption insurance has been around for a long time. Unforeseeable events and disasters are bound to happen to all businesses during their life, and business interruption insurance policies can protect clients against sudden income loss.
But with cybercrime on the rise,1 a new kind of business interruption has entered the market: cyber business interruption. In many ways, it's similar to traditional business interruption insurance. However, a few key differences change the dynamics of the relationship between client and insurer.
Insurance companies are setting IT infrastructure minimums. What has been a challenge for many companies is that these controls went into effect so quickly. Many companies were caught in a situation where they didn’t have the time or the funds to implement these controls before their policy renewal date.
Understanding Traditional Business Interruption Coverage
Most business interruption coverage — also known as business income insurance — is designed to protect businesses against limited-scale losses like fires or natural disasters. In general, these policies reimburse you for lost revenue, loan payments, mortgage, payroll, relocation and often much more.
A strong traditional business interruption insurance policy is an incredibly powerful tool, protecting businesses against many unforeseeable incidents. But of course, there are limits to what business interruption insurance can offer. While it often depends on the specific plan, business interruption insurance seldom covers damage from floods or earthquakes, income that your business didn't report, or communicable diseases.
For example, many businesses filed claims resulting from damages caused by the COVID-19 pandemic when businesses began to close in March 2020. Few of these COVID-related claims were successful, because the common "contamination of a business premises by a virus or bacteria" clause exempts most insurance carriers from covering incidents where the problem clearly stemmed from communicative diseases.
Key legal issues in the appeals surrounding these claims focused on the question of whether "direct physical damage" or "direct physical loss" could be proven as a result of the COVID-19 pandemic. More often than not, it couldn't.
This example underscores one of the biggest issues with traditional business interruption insurance: It often covers a specific array of situations that existed in the past, but is often not malleable enough to deal with new types of crises. In other words, traditional business interruption insurance isn't future proof, and in the face of future-focused threats like cyber attacks, that lack of future-sightedness can be a problem.
What Cyber Business Interruption Insurance Covers
Cyber business interruption insurance is a subcategory of traditional business interruption insurance. But the similarities end there.
Cyber business interruption insurance is emerging as its own field now because of the globalization of the internet. Even 15 to 20 years ago, many companies could exist without primary use of the internet. While they may have used it for some communication or marketing, not all information companies used was digitized.
Now, not only do almost all of a company's records exist digitally on a physical server somewhere in the organization's property, but many organizations also hold their most important data on public, hybrid, or multi-cloud networks (MCNs). As cloud-based business solutions have become more prevalent, the risks associated with them have grown proportionately.
Cybercrime was exacerbated by the COVID-19 pandemic, as processes that had been slowly moving online had to make the jump within a few months. This rush left many companies with systems that weren't optimally designed for primary web use or had security flaws. Now we're seeing the consequences of those issues.
The market suddenly changed direction in 2020 as insurance companies began to calculate the unanticipated impact of ransomware claims on their bottom line.
Ransomware attacks have increased both in frequency and severity2 over the past two years, making them one of the most common types of cybercrimes. These attacks are both frequent and expensive, making them extremely difficult to manage. A ransomware attack takes control of a section of a company's network and holds it for ransom. In other words, ransomware attacks — and many modern cyber attacks — hinge on interrupting a company's everyday business. Cyber business interruption coverage is a way of helping businesses deal with this quickly evolving threat.
Cyber Business Interruption Can Keep Pace with Change
Cyber insurance policies can do a lot to explicitly protect organizations from new and quickly developing threats. These policies often have broadly worded clauses that protect against multiple kinds of cyber extortion or data breaches. These new types of coverage are designed to keep up with a rapidly changing field and are becoming essential protective tools as companies fall victim to more offensive cyber actions.
While traditional business interruption coverage is still a must-have for most companies that have physical locations and structures, complementary cyber business interruption coverage is becoming a new gold standard for full and comprehensive protection. Some policies even offer to help pay for the forensic costs of investigating an attack, as most cyber insurance carriers require companies to provide full reports on the extent of any given incident.
Learning about the different kinds of cyber business interruption coverage that are available may help your business to be more prepared for current and future breeds of attacks, giving organizations the confidence of knowing that they can continue normally when hit by a potentially damaging attack.
Sources
1"How Has a Decade of Cybercrime Impacted the United States?" Beyond Identity, 30 Aug 2021.
2Kerner, Sean Michael. "Ransomware Trends, Statistics and Facts in 2022," TechTarget, Feb 2022.
