FM Global: Cybersecurity insurance doesn’t cover everything

By
-
FM GLOBAL released a study that found corporate executives often overestimate what their cybersecurity insurance will cover. Above, the company's Johnston headquarters. / COURTESY FM GLOBAL
FM GLOBAL released a study that found corporate executives often overestimate what their cybersecurity insurance will cover. Above, the company's Johnston headquarters. / COURTESY FM GLOBAL

JOHNSTON – Seven in 10 senior financial executives at the world’s largest companies believe their insurer would cover most or all losses their company would suffer in a cybersecurity attack, but that’s far from the truth, according to FM Global.

In a survey of 105 chief financial officers and other senior executives, commissioned by Johnston-based FM Global, 45% said they expected their insurer to cover most cyber-related loses and another 26% said they expected their insurer to cover all such losses.

However, most of the effects that executives expect to experience from a cyber attack aren’t typically covered by insurance policies, according to FM Global, one of the world’s largest commercial property insurers.

These effects include:

- Advertisement -
  • Degradation of a company’s brand/reputation (46% of those polled said their companies would likely suffer such damage from a cyber security event).
  • Increased scrutiny from the investment community (40% said that would be a likely result from an attack).
  • Decline in revenue or earnings (38% expected this).
  • Regulatory compliance problems (35% expected this).
  • Decline in market share (24% expected this).
  • Decline in stock share price (24% expected this).

FM Global said what typically would be covered by first-party cyber insurance are costs to mitigate the event, including expenses related to restoring data or equipment. Moreover, litigation and customer notification costs would be covered by third-party insurance, the company said.

Yet the rest of the listed costs likely would have to be absorbed the company.

“As essential as cyber insurance is, the findings indicate financial executives may be deriving a false sense of security from it,” Kevin Ingram, executive vice president and chief financial officer at FM Global, said in a statement.

“While insurance is an essential part of the risk management formula,” he added, “there are losses related to a cyber attack that insurance cannot cover.”

FM Global said it takes an “engineering approach” to identifying cyber risk and preventing property-related loss, including its cyber risk assessment tool for determining vulnerabilities in physical security, information security, industrial controls, and building automation systems.

Ingram said the company is “committed to helping our clients prevent loss in the first place.”

Scott Blake is a PBN staff writer. Email him at Blake@PBN.com

RELATED ARTICLESMORE FROM AUTHOR

No posts to display