What does it mean?
The global IT systems failure at airline British Airways (BA) has once again highlighted the potential for catastrophic IT system failure.
IT systems fail for a host of reasons. Hardware or software glitches, a cyber attack, human error, power surges, physical perils like a fire or a flood and botched upgrades are all potential causes.
BA is by no means the first large company to suffer a catastrophic IT system failure. Last year saw a number of airline IT outages, including those at Delta Air Lines and Southwest Airlines. In 2014, the New York Stock Exchange ceased trading for four hours after reporting a technical glitch. Human error during a routine software upgrade left millions of RBS banking customers without access to their accounts in 2012.
What could this mean for your company?
Companies are becoming increasingly dependent on IT systems - to manage supply chains, communicate with customers and trade - and are therefore exposed to the risk of significant disruption from IT system failures.
Cyber insurance has evolved over recent years and broad forms of system failure coverage are now available. However it is important to examine wordings as significant differences exist between policies.
Cyber insurance can cover business interruption losses from a wide range of systems failures, but will not generally cover outages caused by power supply or telecommunications failures. Depending on the policy, other exclusions may also apply, such as the failure of new software roll-outs or upgrades.
System failure cover typically falls into one of two camps: all risks or named perils. All risks provides the broadest cover, but the market is more limited in terms of insurer options and capacity, and the pricing is frequently higher. Underwriters are also likely to require more information from insureds.
For companies that require system failure it is critical to be aware of the type and scope of cover under their cyber insurance policies. It is also important to work with a specialist broker to understand the implications of wordings.
Download Cyber Decoder – June 2017
For further information, please contact Sarah Stephens, Head of Cyber, Content and New Technology Risks on firstname.lastname@example.org