Hugo Jacquot discusses cyber risks insurance and protecting owners from financial and operational impacts
In today’s connected world, the insurance of cyber risks is a key component in the protection of businesses. With cyber attacks becoming increasingly common, the yachting industry is certainly not immune to this trend. Many businesses in yachting have had to deal with the consequences of cyber attacks in recent years, whether the threat involves an attack against their website, theft of data, cyber extortion or the unfortunately frequent occurrence of invoice fraud.
Whilst there are very few industry communications that exist on this topic, based on the information we were able to collect, the cost of cyber-attacks to the yachting industry can certainly be estimated in millions of Euros. This is only based on the companies who are willing to talk about it, many choose to keep these incidents behind closed doors.
But, how many of these incidents were covered by a specific cyber risks insurance policy? The answer, unfortunately is very few, not because the insurers were not paying the claims but simply because businesses do not take up an insurance policy for cyber risks.
All too frequently, we are contacted by clients once they have already fallen victim to a cyberattack.
There are various reasons business owners hesitate to take out cyber risk insurance, but it usually comes down to two key factors. One is cost, there is a prevalent misconception that an insurance policy covering cyber risks is expensive when very often it is not. The second is that many businesses assume that having an IT company (sometimes a cyber risks company) implementing best practices in cyber security, means they do not need a specific cyber insurance policy covering them for cyber risks as well.
This is a common misconception, because any cyber risks expert will tell you that no solution can make your systems 100% safe. Indeed, a number of cyber attacks come from the lack of vigilance of users and hackers are very good at exploiting people’s weaknesses.
Another mistake we see small businesses make is waiting until they deem their revenue is sufficient to take up this cover. The problem with this approach is that it assumes that hackers are less likely to target a small business which is not necessarily the case. Furthermore, the cost of a cyber attack and the reputational damage that often follows, can be enough to bring down a business, regardless of its size.
The insurance policies covering cyber risks are extremely wide in coverage and often have very limited requirements when it comes to cyber protection. Insurers specialising in this field fully recognise that a small business cannot realistically be expected to have the same level of IT infrastructure as a business with a multi-million euro revenue.
Now turning to how yachts and superyachts are covered for this risk, the answer is very straightforward, as standard, they are not covered for cyber risks. The vast majority of insurance policies covering superyachts nowadays exclude claims arising out of cyber risks.
There are very simple steps an owner can take to ensure that coverage excluded in their Hull & Machinery and their Protection & Indemnity (Liability) insurance are reintegrated or bought back so that claims arising from cyber risks which would have been otherwise excluded as standard, are covered.
Owners have the option of taking out a fully comprehensive cyber risks policy, that would extend the coverage to extortion and ransomware, cyber-response costs, restoration costs, temporary accommodation, replacement yacht and a wide range of other additional benefits.
Most importantly the insurers providing such cover have a 24/7 response team available to assist at any time and will also offer cyber risks training to captains and crew.
In summary, the yachting industry needs to make sure that all the stakeholders have cover in place to ensure better protection of businesses and yacht owners.
Article written by Hugo Jacquot, Founder and Managing Director of Fort Insurance.
