For many, 2016 was an interesting albeit risky year. In a well-publicized incident during the 2016 electoral cycle,
a campaign official was embarrassed by
the admission that he had unwittingly
clicked on a phishing email, which may
have opened a window to a significant
security breach. In a completely separate
series of events, a well-known restaurant
chain saw its brand undergo a series of
tarnishing revelations regarding the dif-
Are these
Emerging Risks
on Your Radar?
By Jeff Ellington
ficulties with controlling certain bacteria
during food preparation.
Both of these cases shared something
in common: an initial or inherent risk
as well as a larger exposure or series of
follow-up effects. In addition, they were
both indicative of the kinds of complex
risks found in a fully networked and glo-balized economy. It might be instructive
to look at a few recent trends in emerging
risks and consider why they may continue or even strengthen.
Cyber risk
Cyber risk is ever-evolving. Because every
security system is vulnerable, no cyber security policy is considered fully comprehensive. The constantly changing nature
of cyber risk threats means that while
coverage can be written for known risks,
these are in a constant state of flux and the
next attack will have a different wrinkle.
For this reason, there is no established
standard cyber insurance form utilized
by carriers in the commercial insurance
market. Although most policies provide
third-party liability coverage as well as
first-party coverage for loss or damage to
property, there is a wide variation in other
needed coverages. More specifically, businesses need to know whether coverage is
provided, and at what level, for:
• regulatory actions
• incident response costs
• credit and identity monitoring
• transmission of viruses
• business interruption and extra
expenses
• extortion expenses
• data loss and restoration
The constantly evolving nature of cy-
ber risk translates into an equally fluid
landscape when it comes to claims man-
agement. Indeed, the challenge with any
loss resulting from new forms of security
breaches is to determine what different ex-
posures or additional expenditures are al-
lowable under the current policy language.
A separate area of complexity resulting from discovery involves determining
the responsible party for the cause of the
S
hu
t
t
e
r
s
tock