Affirmative and silent cyber coverage in traditional insurance policies: Qualitative content analysis of selected insurance products from the German insurance market

Dirk Wrede1 · Tino Stegen1 · Johann-Matthias Graf von der Schulenburg1

Received: 7 September 2019 / Accepted: 20 July 2020 / Published online: 7 September 2020
© The Authors 2020

Abstract

This paper examines the design of affirmative and silent coverage in view of the cyber risks in traditional insurance policies for select product lines on the German market. Given the novelty and complexity of the topic and the insufficient coverage in the literature, we use two different sources. We analysed the general insurance terms and conditions of different traditional insurance lines using Mayring’s qualitative content analysis. Also, we conducted interviews with experts from the German insurance industry to evaluate how insurers understand their silent cyber exposures, and what measures they take to deal with this new exposure. The study shows a considerable cyber liability risk potential for insurers in the considered insurance lines. This arises from the affirmative as well as silent cover inclusions and exclusions for cyber risks, which result from imprecise wordings of insurance clauses and insufficient descriptions of the contractually specified scope of the insurance coverage.

Keywords: Cyber insurance · Traditional insurance policies · Cyber risk · Silent cyber coverage · Affirmative cyber coverage · Silent cyber

Open access funding provided by Projekt DEAL.

Electronic supplementary material: The online version of this article (https://doi.org/10.1057/s41288-020-00183-6) contains supplementary material, which is available to authorized users.

* Dirk Wrede

1 Gottfried Wilhelm Leibniz Universität Hannover, Institute for Risk and Insurance, Otto-Brenner-Straße 7, 30159 Hanover, Germany


Introduction

Cyber risks (e.g. cybercrime, IT failure/outage, data breaches, fines and penalties) are among the most critical business risks for companies worldwide in the 21st century (Allianz Global Corporate & Specialty (AGCS) 2020; World Economic Forum 2020). As a peril, cyber risk can be defined as ‘any risk emerging from the use of information and communication technology (ICT) that compromises the confidentiality, availability, or integrity of data or services. The impairment of operational technology (OT) eventually leads to business disruption, (critical) infrastructure breakdown, and physical damage to humans and property’ (Eling and Schnell 2016a, b). Generally, data protection-related breaches of obligations and confidentiality, business interruptions and data theft can result in financial damage and reputation losses (Cavusoglu et al. 2004; Smith 2004; Salmela 2008; Bulgurcu et al. 2010; Järveläinen 2013). Over the past two years, for example, cyberattacks caused total losses for companies