Cover in action
Debbie Hobbs reviews six real-life examples of well-publicised cyber losses and considers how cover from Miller would have responded.
A disgruntled employee leaks data
Business impact: Estimates vary, but roughly half of data breaches are down to insiders – whether accidental or malicious. For example, a staff auditor for Morrisons supermarkets uploaded the personnel records of 100,000 colleagues to the internet. Employees sued Morrisons over the rogue employee’s action, which the grocery store defended – successfully – all the way to the Supreme Court.
How Miller cover would respond: An IT forensics service is called in immediately to help identify the source of the leak, while crisis management services limit the reputational damage. The cyber policy picks up the defence costs of both the litigation and regulatory investigation. Had the suit been successful, the policy would have covered third-party claims up to its limit, potentially USD250m.
Cyber criminals deploy ransomware
Business impact: Through social engineering – probably phishing – hackers introduced ransomware called Ryuk to the L.A. Times’ production network, locking employees out of their system. The paper was unable to print that day’s edition.
How Miller cover would respond: Breach response services take immediate effect and identify the source of attack. They get the presses up and running almost immediately, limiting downtime. The policy covers first-party costs, as well as business interruption and additional workaround costs.
Operational error, network failure
Business impact: In 2016, Delta Airlines suffered what it called a ‘major system-wide network outage’ caused by a power failure. It had to cancel or delay flights worldwide. The following year Air Canada suffered a similar event. In a third case, a mistake by an IT contractor damaged the IT infrastructure, causing a week’s interruption that cost hundreds of millions of dollars.
How Miller cover would respond: Bespoke cyber insurance covers the spectrum of expenses including the cost of lost data, IT systems rebuilding, crisis management services, passenger compensation, workarounds, and loss of profits. Engineers’ lightening response times may even have got the airline flying sooner.
Malicious actors breach industrial control systems
Business impact: Iranian hackers breached the Bowman Avenue Dam in New York. They gained control of the floodgates. A few years later, unknown hackers gained control of a German steel mill’s control systems with phishing emails, which caused massive damage to the facility and a temporary closure of the plant.
How Miller cover would respond: Miller policies can provide cyber physical damage and business interruption coverage, which may be affirmative from the ground up, or through a buy-back of cyber risk excluded under an insured’s property or package policy.
Criminals trick executives into fund transfers
Business impact: Fraudsters known as the ‘Florentine Banker’ used sophisticated hacking techniques to trick C-suite executives at three private equity firms into diverting legitimate wire transfers worth about GBP1.1m into the criminals’ account.
How Miller cover would respond: Policies may indemnify insureds for their monetary loss when employees were misled into transferring money, securities, or other assets to an unintended third party.