Insurance claims seeking coverage for cyber-related losses are “divided into two worlds” as insurers seek to move policyholders to specialized cyber policies.
Josh Gold, head of the new Cyber Insurance Recovery Group formed by law firm Anderson Kill, told Advisen that policyholders who file a data-related claim under a conventional business policy, such as general liability or crime, are “met with resistance.”
“There is a good amount of wrangling going on,” he added, describing the cyber claims environment. Insurers are clearly trying to assert they had no intent to cover cyber with a commercial general liability policy.
“The trend has been to curb the scope and value of a GL policy,” Gold told Advisen. “There has been a steady erosion in the value of GL insurance, forcing policyholders to more and more different kinds of policies. It’s difficult to avoid gaps.”
However, if a business holds a specialty cyber policy and has a claim these policyholders are “received a lot better.”
“There are still some disputes but generally they are handled behind closed doors,” he said.
New specific cyber/data breach exclusions filed by ISO last Fall have gained approval in many states and are being used in standard-form primary, excess and umbrella commercial general liability policies. Gold said it remains to be seen how many insures will use the exclusions, and how soon.
In the meantime, Gold said he has been successful getting coverage for clients under crime policies. “These expressly include computer fraud, which is intended to cover hacker claims.”
The multimillion dollar recovery in a US Court of Appeals decision rejected an insurer’s “direct loss” defense. The court applied a proximate cause standard instead. Gold, a shareholder in Anderson Kill’s New York office, said he has recovered more than $1.5 billion for corporate policyholders.
Gold said the group was officially formed to “pool resources and better keep track of new developments across multiple jurisdictions” since the area of cyber is “changing so much, so quickly.”
“As the scale and the frequency of data breaches continues to grow, we’re moving to consolidate our efforts through a formal cyber insurance recovery group to help clients maximize recovery not only from specialized cyber insurance policies, but also from general liability, crime, D&O and professional liability policies that may provide coverage for losses stemming from such events,” said Gold in a statement announcing the group.