Insurance Day is part of Maritime Intelligence

This site is operated by a business or businesses owned by Maritime Insights & Intelligence Limited, registered in England and Wales with company number 13831625 and address c/o Hackwood Secretaries Limited, One Silk Street, London EC2Y 8HQ, United Kingdom. Lloyd’s List Intelligence is a trading name of Maritime Insights & Intelligence Limited. Lloyd’s is the registered trademark of the Society Incorporated by the Lloyd’s Act 1871 by the name of Lloyd’s.

This copy is for your personal, non-commercial use. For high-quality copies or electronic reprints for distribution to colleagues or customers, please call UK support +44 (0)20 3377 3996 / APAC support at +65 6508 2430

Printed By


Cyber market's tussle over scope of war exclusions heats up

Disagreement centres on whether insurance buyers should be covered if they are hit by a stray cyber attack meant for another target even if the attack was initially launched by a state actor or as part of an act of war on a target elsewhere

Brokers and insurers are grappling over cover for collateral damage caused by cyber attacks during a war

Disagreement over the scope of cyber war exclusions is increasing as brokers and clients push to write some types of collateral war risk back into policies.

Insurance Day understands multiple brokers are looking to reintroduce cover for collateral damage caused by cyber events that take place during a war or as part of a state-backed attack.

This would mean buyers would be covered if they were hit by a stray cyber attack meant for another target even if the attack was initially launched by a state actor or as part of an act of war on a target elsewhere.

However, some carriers are pushing back, arguing such wording could increase the scope of war coverage beyond what is normal for other lines of business.

Munich Re has been in conversations with brokers and clients, warning if this sort of cover is made more commonplace it would create unmanageable exposures that would be unsustainable for the line of business in the long run.

Insurance Day understands Munich Re is arguing this type of collateral war damage is usually excluded from other lines of business including property covers. This is despite the fact the geographical realities of property – unlike the borderless nature of cyber threats – make collateral acts of war easier to manage.

The re/insurer is also arguing such wording would make it difficult for any insurer to articulate their risk positions to regulators, analysts or shareholders.

The issue has come up in Marsh’s Echo cyber facility as well as elsewhere in the cyber market. Marsh has not responded to request for comment.

On the other side of the argument, some brokers are concerned the way new war exclusions are being implemented is putting at risk years of effort that has gone into making cyber cover relevant and attractive.

In a recent cyber market report, Aon said exclusions for war, infrastructure and widespread events remain “inconsistent” across the global market and cautioned limiting coverage for widespread events “risked deteriorating the value proposition” of cyber insurance.

Among the brokers that have pushed to reintroduce cover is WTW, which claims to have successfully written back some collateral war cover into its clients’ policies. Andrew Hill, global cyber product leader at the international broker, said the fundamentals of the recently introduced Lloyd’s war exclusions were “largely speaking sound”.

But, he said, the decision to roll exclusions for war, infrastructure and systemic cyber events into the same set of exclusions made it a hard sell for clients.

“All the work we’ve done over the years advancing the benefits of [cyber insurance] and why this is a good solution to purchase; there’s been a reset and you’re having to start all over again with every client,” he said. “Even for a sophisticated buyer, an exclusion that’s one-and-a-half pages long… was too ambitious.”

WTW’s carve-back focuses on the Lloyd’s Market Association’s cyber exclusions clause 5567, which excludes collateral damage caused by cyber attacks that are deployed in conjunction with a physical war.

Under WTW’s policy wordings, if a business’s digital assets are not in the countries at war, and the country they are in has not suffered a major detrimental impact because of the cyber event, they will be covered.

Hill described this as “non-systemic cyber war loss” and said the reintroduction of this cover has “appeased many of our more sceptical buyers” who have raised concerns over new war exclusions.

The market has been prepared to support WTW with the reinclusion of this wording, he added. But, he cautioned, with such a high proportion of the primary cyber risk passed on to reinsurers, the next reinsurance renewal would be key to deciding what cover is kept.

Related Content





Ask The Analyst

Ask The Analyst - Ask Your Question Send your question to our team of expert analysts. You can: • Ask for background information on/explanation of articles in Insurance Day * • Find out more about our views on industry developments • Ask for an interpretation of market trends • Source supplementary data relating to articles • Request explanations to further your understanding of current issues (* This relates to any Insurance Day that is included as part of your subscription) We will do the research and get back to you personally with the information you need.

Your question has been successfully sent to the email address below and we will get back as soon as possible. my@email.address.

All fields are required.

Please make sure all fields are completed.

Please make sure you have filled out all fields

Please make sure you have filled out all fields

Please enter a valid e-mail address

Please enter a valid Phone Number

Ask your question to our analysts