Energy Companies Need Insurance Cover For Cyber Attack 'Time Bomb'
LONDON, April 8 (Reuters) - Energy companies have no insurance against major cyber attacks, reinsurance broker Willis said on Tuesday, likening the threat to a "time bomb" that could cost the industry billions of dollars.
Willis highlighted the industry's vulnerability to cyber threats in its annual review of the energy sector's insurance market, which called on insurers to find a way to provide cover.
"A major energy catastrophe - on the same scale as ... Exxon Valdez or Deepwater Horizon - could be caused by a cyber attack, and, crucially, that cover for such a loss is generally not currently provided by the energy insurance market," the insurance broker said.
Most insurance products currently available will cover minor things such as data losses or downtime caused by IT issues, but not major events like explosions at multiple facilities triggered remotely by hackers, Willis said.
It said the lack of coverage stemmed from a clause included in most energy sector insurance agreements over the past 10 years that explicitly excludes loss or damage caused by software, viruses or other malicious computer code.
"There can be little doubt that the removal of this exclusion would be the most effective way for coverage to be provided to the energy industry," it said.
But the exclusion clause has remained because cyber security is not well-understood by the insurance industry, making it difficult to design comprehensive products. Additionally, problems lie with how insurers agree to cover damage to multiple plants or platforms caused by a single attack.
View Full Article
WHAT DO YOU THINK?
Generated by readers, the comments included herein do not reflect the views and opinions of Rigzone. All comments are subject to editorial review. Off-topic, inappropriate or insulting comments will be removed.