How Gapping of Coverage Occurs in Cyber Liability Insurance

There are many different ways to Insure against Cyber Liability Insurance exposures in today’s marketplace.  The last 10 years have seen a lot of change in the coverage, as well as the number of carriers who write it.  Many package insurance policies now provide some form of protection against Cyber risks.

While retail agents have become more aware of the need to offer coverage, as much as 50% of all businesses and 70+% of small businesses still are not buyers of this coverage.  A big part of this is the lack of carrier education of retail producers of the need by industry class for the coverage and the right tools to sell it.

As a result, there is a significant gap in coverage for commercial insureds of all sizes and industry types across America.  The retail agent must have in order to properly protect their customer while at the same time protecting from a potential E&O claim against them.

There are three (3) primary ways that gapping occurs when insuring against Cyber exposures:

Segregation

Any risk providing technology services of some kind to its customers has an E&O risk, and such risk should always be written in combination with the Cyber Liability coverage.  When these are segregated, gapping occurs in determining the cause of a security or privacy breach.  Was it caused by the error or omission of the company providing the services?  Or was it the negligence of the employees/company of the company receiving the services?

When the same carrier writes both the E&O and Cyber together, this coverage dispute is eliminated and the Insured is protected for either scenario.

Underinsurance

Often times we see a retail agent who has packaged their customer’s Cyber coverage into an endorsement onto their BOP or CPP policies.  Other times we see them providing a coverage part in conjunction with their package policy.  Still, other times we find them placing their customer’s into separate, monoline low-cost Cyber Insurance policies.  Finally, we can also see insureds who are written into broad Cyber policies with brand name carriers. In all of these scenarios, the same danger to gapping occurs: “underinsurance”.  Underinsurance occurs when a commercial insured has purchased some form of Cyber coverage that does not provide the Insured with the broadest protection or enough protection, which exposes to them to both unfunded claims and underfunded claims.  Here is how it looks by each of the 4 scenarios:

  1. Package policy endorsements: The cheapest and easiest way to get some coverage, endorsements or riders to existing BOP and CPP policies offer protection from basic third-party lawsuits.  However, at the same time, they offer very little to no first party cost coverage.  Also, when they do provide the third party and/or any first party coverages, the limit of liability provided is usually lower than a monoline policy placement, and many times lower than what an Insured is actually exposed to in risk.
  2. Package policy coverage parts: Like their endorsement counterparts, these are more robust and broader coverage parts that are added to a CPP.  They often provide more of the first party coverage parts that a standard Cyber Liability policy would provide, however, like their endorsements, they still provide lower limits than what is needed, and some of the third and first-party coverage parts are still not included.  Further to this, the language of the coverage parts that are provided is not as broad as those coverages are for some of the other stand-alone policies in the marketplace, especially when looking at the triggers of coverage.
  3. Low-cost Cyber policies: Saving money up front is always a good thing- unless it is just costing you money in the long run.  Low-cost Cyber policies many times means low-coverage Cyber policies.  In today’s marketplace, a lot of the carriers provide coverage parts similar to the broadest Cyber policies out there.  However, the proof is always in the pudding, and almost always a low-cost policy compared to others who quote means there is some form of gapping happening.  Usually, it is in the lack of coverage found in the guts of the policy itself- sort of a “read the fine print” theory.  Be very careful and read policy triggers and definitions intently when choosing a low-cost Cyber Insurance policy.
  4. Brand name Cyber policies: Finally, there are always those agents and insureds who think that placing a Cyber policy with a well-known “Brand-name” household insurance company means they have the best coverage.  This is quite the contrary.  The boutique Cyber carriers have been the broadest coverage programs for many years, and have become leaders in the Cyber Insurance line of business because of their specific expertise in it.  Many of the larger and brand name carriers offer Cyber as another line of business.  As a result, they have visible holes in their coverage forms that retail agents must familiarize themselves with to avoid gapping in their coverage that could be avoided.

Uninsurance

Simply put, this is providing no insurance for Cyber exposures every commercial insured has.  This is where we are going to see the most problems arise for retail agents who are not offering Cyber coverage to their clients.  However, “providing no insurance” occurs in two ways, and a smart retailer will be wary of both of these traps to avoid a claim for gapping of coverage

  1. The first trap is to provide no insurance at all. Do not allow the commercial insured to dictate their exposure to Cyber risk to you.  Instead, educate them on the risks they face because of their industry class and despite their proactivity to protect against it.  Be sure to quote Cyber for every risk, and document BOTH your education of them to their risk and their declination of that risk AFTER being educated of it; and
  2. The second trap is to provide no insurance for specific coverage parts that an Insured has exposure to risk for. These include coverages such as Cyber Crime, Dependent Business Interruption, and Reputational Harm.  Be sure to understand what perils your client is facing because of his industry class, and provide quotes with coverage parts that address these top perils to avoid gapping.

Bridging the gap is a priority for every retailer when working in the Cyber Liability space.  Know what to look for, and which carriers offer the broadest coverages at the most competitive rates.  Be sure to be an expert, or use an expert like US Pro Insurance Services to help you avoid having any gaps.

Comments are closed.