Insurer Looks to Broaden US Cyber Cover

Zurich Insurance has announced the rollout of new, industry-specific endorsements to its cyber insurance policy designed to expand coverages provided to the manufacturing industry.

The underwriter said the endorsements were created “in response to the growing threats posed to U.S. industrial firms by data breaches, ransomware and other cyber events”.

It added many manufacturers, especially midsized firms, have been largely unaware of the growing cyber risks they face as new digital technologies connect with and replace legacy systems, presenting new vulnerabilities that can be exploited by cyber criminals. A cyber hack, malware, miscode or virus can severely impact a production line, supply chain and company reputation.

“Historically, manufacturers have presented lower profiles to cyber criminals because they did not have large databases of personal information to be accessed and stolen,” said Michelle Chia, (pic) head of Professional Liability and Cyber for Zurich North America. “Today, as manufacturers become more dependent on network connections linking industrial control systems with production machinery, robotics and other vital hardware, they are becoming more attractive targets. If a plant is shut down for any length of time due to a cyber attack, the impact can be significant and long lasting.”

Ms Chia noted that most midsized companies, including manufacturers, don’t have the same cyber defence infrastructure and expertise as large organisations. In today’s rapidly evolving, increasingly threatening cyber risk environment, this can lead to a greater vulnerability for midsized manufacturers. To help address those vulnerabilities, Zurich offers a variety of cyber security services to all midsized customers, from initial vulnerability assessments to network monitoring. Services can be packaged with a Zurich Cyber Insurance policy or can be purchased outside an insurance contract.

Under the new approach cyber exposures covered by Zurich’s manufacturing- specific endorsements include:

  • Any components that are part of supervisory control and data acquisition systems (SCADA), programmable logic controllers (PLC) or other industrial control systems;
  • Computer hardware, firmware, software and electronic data, as well as associated input and output devices utilized in manufacturers’ operational technology strategy;
  • Computer peripheral devices, including wireless and mobile devices, which comprise a growing segment of manufacturers’ overall connected environment;
  • Electronic backup facilities, including systems accessible through the internet, intranets, extranets or virtual private networks, which manufacturers use as part of their cyber security defence protocol.

“Buyers of cyber insurance are becoming more sophisticated than ever before,” said Paul Horgan, head of U.S. Commercial Insurance for Zurich North America. “As manufacturing customers have become more aware of cyber threats, they’ve asked us for industry-specific coverages, and we heard them. Earlier this year Zurich created cyber insurance endorsements specific to the construction industry. We will continue to look at ways we can help customers deal effectively with evolving cyber risks.”