Blog / Insuring Yourself Against Cyber War
The devil is in the details, or in this case, the changing fine print.
Recently I wrote about how an insurance company tried to deny a payout by claiming the ransomware was an act of war. That was four months ago, near the start of the still-ongoing Russian/Ukrainian conflict and while I haven’t mentioned it for a while, that war is still going on and relevant to today’s topic.
Now, the reason I haven’t brought up the war in Ukraine and it’s impact on cyber space is because nothing’s really changed. The massive jump in cyber attacks between the two nations hasn’t stopped and the risk of being getting caught in the crossfire is still high. The Russian economy continues to shrink and ransomware (among other tactics) remains a potent tool for evading international sanctions to fund their war effort. That’s because, unlike other sanctioned nations like Iran or Venezuela, Russia is home to several dangerous ransomware gangs, many of which are ignored by Russian police because they take their orders, no matter how “unofficial” they may be, from the Kremlin.
Context aside, in that post from March I detailed how the insurers involved in the case tried to deny a $1.4 billion USD claim by insisting the ransomware infection was an act of war because the attack could be connected to the Russian military. The insurer lost their court case and had to pay the claim, at which point I predicted insurance companies would start redefining their policies.
If you’ll allow me a moment to toot my own horn, that’s exactly what’s happened.
Lloyd’s Market Association (the organization that runs Lloyd’s of London) recently released a bulletin redefining cyber war and cyber operation exclusion clauses. In case you’ve never heard of Lloyd’s of London. they are a venerable, prestigious, and wildly successful insurance company known for insuring some pretty outlandish things (like Keith Richards hands). The fact that they’ve decided to come out with specific exemptions regarding cyber warfare means they recognize the current state of the internet as a threat to their bottom line.
The reason this is noteworthy is because of the sheer size of the insurer and their decision to go public with their decision. They could have just as easily made the change with minimal communication to clients and keeping it mostly internal. Instead, their recommendations as an insurer industry leader were made public. Now, other insurers are even more likely to make substantial changes to their cyber insurance policies. After all, if one of the biggest names in the insurance industry is concerned about wartime ransomware claims cutting into their bottom line, you just know the rest will react similarly to any threat to their profits.
That’s why it’s so important to have an experienced, talented team of IT and cybersecurity professionals to consult with concerning cyber insurance policies and helping to secure your environment against threats, and why we invite you to contact our team of cyber-professionals to schedule a consultation sooner than later.
You’ll find this quote from one of Shakespeare’s lesser known but nonetheless wonderful plays, The Merry Wives of Windsor: “Money is a good soldier, and will on.”
Courtesy your friendly neighbourhood cyber-man.