Cyber Business Interruption Coverage Is Anything But Simple. 5 Key Things to Keep in Mind

By: Stephanie Snyder Frenier | December 1, 2022

Stephanie Snyder Frenier is SVP with CAC Specialty’s Professional & Cyber Solutions practice. Stephanie has over 18 years of experience engaging with clients and prospects to develop tailor-made cyber and technology errors & omissions risk transfer solutions, while also supporting marketing and sales strategy.

Topics: Cyber Risks | Risk Insider

There is a lot of talk in the cyber insurance industry over the challenge of systemic risk, and many carriers have announced their intentions to address these exposures with new policy language.

However, most carriers have already taken action to address certain elements of aggregated risk via limitations to the scope of cyber business interruption (BI) coverage.

BI is the most challenging part of cyber underwriting, as it requires understanding of an insured’s resilience to a cyberattack, including incident response, business continuity, disaster recovery, as well as dependencies within the IT and non-IT supply chain.

There is a significant amount of variation in the cyber BI coverage offering across the market. Here are five BI coverage elements to consider when purchasing cyber insurance:

1) Waiting Period Length

Prior to the hard market, waiting periods may have been as low as 8 to 10 hours for most insureds, whereas with the hard market conditions of 2021, some carriers began pressing for waiting periods of 24 hours or more.

The market standard is 12 hours, which is generally available in today’s moderating market.

2) Waiting Period Applicability

It is important to consider how the waiting period works.

Many carriers use the waiting period as a “qualifying period” for coverage, and once the business disruption meets the length of time of the waiting period, coverage is triggered and then the dollar retention is then applied back to minute one of loss.

Other carriers use the waiting period as a retention in terms of the amount of loss incurred during the duration of the waiting period.

In this instance carriers tend apply the “greater of” the amount of dollar loss due to a business interruption during the waiting period or the dollar retention amount — whichever is greater.

3) Period of Indemnity

This is the period for which the carrier will indemnify for a business interruption, as defined, and can vary from as short as 90 days to as long as 180 days.

Typically, this considers extra expenses incurred by the insured during the business interruption as well as any associated income loss.

In some policies, and extended period of indemnity may be available to consider the continued income loss arising from the business interruption.

4) Dependent Business Interruption

Carriers continue to be concerned about the scope of dependent business interruption (DBI) coverage and are working to clarify what constitutes a “dependent business.”

Dependent businesses typically include IT services providers (including cloud service providers) on which the insured is dependent to run their computer networks.

During the pre-2020 soft cyber insurance market, coverage was available for non-IT providers as well, however this has been largely eliminated given the potential for loss and lack of optics from an underwriting standpoint into the insured’s supply chain.

Additionally, carriers are seeking to define dependent businesses only as those under contract with the insured.

5) Sublimits

One way that carriers are protecting themselves from loss aggregation relative to business interruption is by applying sublimits.

While full limits are typically available for DBI coverage related to a security failure, many carriers continue to apply sublimits for DBI related to systems failure (a technology outage not due to a breach).

However, the challenge with sublimits is with regards to any excess placements, in terms of ensuring that excess carriers follow the sublimit within their layer, and if not, recognize erosion of the underlying limit.

As the cyber insurance market continues to work to clarify coverage for systemic risk, buyers should expect the above coverage elements to be revisited by carriers.

The job of a good broker is to help buyers understand the nuances of cyber coverage and ensure that the terms of the policy make sense relative to the operations of the business, and other lines of coverage that may apply (such as property).

The more information that buyers can include as a part of the submission, the easier it is for underwriters to understand business interruption exposures and offer better coverage terms. &

How a Carrier Partner Can Help Navigate a Challenging Management and Professional Liability Market

A combination of a choppy economy with increased claims frequency and severity could lead to rate increases in the Management & Professional Liability market.

By: Risk & Insurance | April 3, 2024

Rates in the management & professional liability (M&PL) markets were on the rise from 2020 to early 2023 and are now falling rapidly.

M&PL divisions manage a number of different insurance products including management liability (D&O), professional liability (E&O), employment practices liability (EPL), fiduciary liability policies, cyber, etc. In 2023 and into 2024, a big influence on the marketplace has been the extremely aggressive and softening public company D&O market.

Though these rates have been softening for management liability, that may change over the next few years as companies continue to adjust their business models motivated by economic uncertainty. Layoffs were up nearly 200% last year, Forbes reported, even as other recession indicators, like the inflation rate, improved. A recession could lead to an increased claim activity and force carriers to raise rates.

“Whenever there is a meaningful downturn in the economy, we tend to see claim frequency pop up,” said George Schalick, Jr., senior vice president of the Management and Professional Liability Division at Philadelphia Insurance Companies (PHLY).

With continued fiscal uncertainty, businesses potentially already burdened with pandemic-related claims should seek a carrier with a long history in M&PL products. They will provide much-needed risk management guidance and be better positioned to support their insureds during market fluctuations.

Why Insureds Might See an Uptick in M&PL Claims

George Schalick, Jr., Senior Vice President of the Management and Professional Liability Division, Philadelphia Insurance Companies

The current soft market might come as a bit of a surprise as it does not track with previous underwriting cycles and economic conditions. Afterall, many privately held and non-profit organizations struggled during the early days of the pandemic with shutdowns and rapidly declining revenues. But the Government assistance programs, like the Paycheck Protection Program loans, helped keep many afloat during the tough times.

“During COVID many organizations stopped doing business until they were able to sort out all of the health and safety challenges,” Schalick said. “They were forced to lock down, but then all the government assistance programs allowed them to keep people employed. The increased volume of claims we anticipated we would see coming from the lockdowns and restrictions that were imposed upon businesses in the U.S. didn’t manifest at first.”

“Just because there wasn’t an onslaught of reported claims at the beginning of the pandemic, doesn’t mean the circumstances that would give rise to a claim being reported didn’t occur. Courts and the judicial system were closed or slowed and now that they are back open, we’re starting to see the circumstances that occurred during the COVID lockdowns becoming claims today,” Schalick said. “Litigation is progressing.”

Added to the delayed pandemic litigation is a concern over newer claims that might be filed as the country inches toward an economic downturn. Though a recession was avoided in 2023, experts think a soft dip could occur in 2024, with 76% of economists saying there’s a 50% or less chance of an economic downturn this year — that almost always results in more management liability claims.

“During the Great Recession in 2008, we saw an almost immediate spike in claims because of the economic conditions and the pressure it placed on organizations. They were making personnel changes with significant belt tightening almost immediately.” Schalick said.

What’s in Store for M&PL Policy Rates in 2024?

Despite an uptick in claims and increased economic uncertainty, management liability rates haven’t increased, resulting in market-wide pricing levels that may not meet the increased pressure of rising settlements and jury verdicts.

“Rates are going the other direction and settlement values are not falling,” Schalick said.

The mismatch between rates, claim frequency and severity is, in part, because carriers experiencing the dramatic soft market in the public D&O market are seeking premium gain in the private and non-profit market.

“In the public company market, the rates have been decreasing significantly. The rates were increasing in the private, not-for-profit market, and rightfully so, but there’s a desire to supplement overall mid-size D&O for carriers who also write private not-for-profit, and they see that as an opportunity to aggregate premium,” Schalick said. “So the always competitive landscape in the private, not-for-profit market has dramatically increased in the last 18 to 24 months.”

Still, companies of all sizes and types should be concerned about management liability rates in the future. Legal system abuse is resulting in increases in both the amount of litigation and the size of verdicts plaintiffs are receiving.

Certain areas of the country are particularly vulnerable to this type of legal system abuse. As a result, insureds in these localities are likely to be vulnerable to rate increases.

“The environment is so positive for the plaintiff that forces premium increases so carriers are able to stay in that market long term,” Schalick said.

Why a Tenured Carrier Partner Can Help Insureds Navigate An Uncertain Market

It’s clear that insureds are facing an uncertain M&PL market over the next few years. Fortunately, carriers with a long history in the M&PL space will be there to offer stability.

Philadelphia Insurance Companies has been supporting this market for 35 years. PHLY is committed to offering long-term rate stability, even as economic and claims trends start to push premiums upwards. They have an appetite for all sorts of companies, large and small, for-profit and nonprofit alike.

“We’ve been at this game for a long time and are one of the most tenured underwriters in this space,” Schalick said. “We like to stay very consistent.”

PHLY has worked with both for-profit and non-profit on management liability policies. With dedicated M&PL teams throughout the company’s 13 regions, PHLY provides the support agents and brokers are looking for on behalf of their clients. The teams know their regions well and can respond to local trends. They’re also dedicated to making the renewal process as easy as possible for their partners and policyholders.

“We have real confidence in our results, so we focus a lot on making the renewal experience as painless as possible for all agents and insureds,” Schalick said.

The company is also investing in tools to help insureds avoid losses. Earlier this year, they launched a new online risk management platform, PHLYGateway, which offers resources for insureds on how to create an employee handbook and trainings on issues such as recognizing workplace sexual harassment and discrimination.

If insureds have questions, they can consult a Best Practices Help Line, provided via the platform. That way, they can get on the spot risk management guidance to help them prevent claims.

To learn more, visit: https://www.phly.com/mplDivision/managementLiability/default.aspx.

This article was produced by the R&I Brand Studio, a unit of the advertising department of Risk & Insurance, in collaboration with Philadelphia Insurance Companies. The editorial staff of Risk & Insurance had no role in its preparation.