Cyber Business Interruption

When organizations face large-scale disasters or other unexpected losses, ensuring business continuity is often a top priority. Yet, various losses may make it challenging for organizations to avoid operational disruptions or temporary shutdowns. In these instances, even brief closures can carry costly consequences. Fortunately, that’s where business interruption (BI) insurance can help.

BI insurance can offer much-needed financial protection when organizations’ usual business activities are interrupted due to covered losses. This type of coverage is typically available through a few different commercial insurance policies. Traditional BI coverage can be purchased as a supplement to commercial property insurance or a business owner’s policy (BOP), whereas an alternative form of BI coverage can be secured via cyber business interruption insurance.

Nevertheless, there are several differences between traditional and cyber business interruption policies, including when they apply and what they cover. As such, organizations should be aware of these differences and better understand their overall coverage capabilities. The following article provides more details on traditional and cyber BI insurance and offers a coverage comparison between these policies.

Traditional Business Interruption Insurance

Traditional BI insurance is typically added onto a commercial property insurance policy or comprehensive insurance package, such as a BOP. This coverage generally includes financial protection for the various expenses that can arise if an organization is forced to pause its operations or temporarily close its doors due to a covered loss. Such a policy may reimburse these operating costs:  

  • Income that an organization would be earning if it were running normally
  • Commercial mortgage, rent, lease, loan and tax payments due during a disruption
  • Payroll expenses to maintain employees’ wages amid a closure
  • Relocation costs related to an organization’s move to a new or temporary location during a disruption
  • Commission and training costs stemming from an organization having to replace damaged tools or machinery amid a closure and educate workers on how to use the new equipment
  • Extra expenses that an organization reasonably incurs (beyond typical operating costs) during a disruption to help it get back up and running

Examples of covered losses under traditional BI insurance include a range of perils, such as fires, theft, vandalism and certain natural disasters. For instance, if a fire destroys the kitchen in a restaurant, this coverage may help reimburse the business for lost income and employees’ wages while it temporarily closes for repairs.

With traditional BI policies, some insurers may also offer contingent business interruption (CBI) coverage, which provides financial protection for operational disruptions caused by covered losses among suppliers and business partners. Some insurers may also provide civil authority coverage, which can help compensate expenses stemming from government-mandated business closures (e.g., a citywide curfew, local evacuation order or temporary road closure).

Cyber Business Interruption Insurance

As its name suggests, cyber BI coverage is solely available through the purchase of a standalone cyber insurance policy. This relatively new coverage offering has become increasingly common as organizations expand their digital operations and invest in various technological advancements, thus driving up their associated cyber exposures and leaving them more susceptible to disruptive attacks. Even so, not all insurers include BI coverage in their cyber policies; with this in mind, organizations should carefully review their policies for this offering rather than assume they have coverage.

Cyber BI insurance usually provides financial protection for costs stemming from an organization experiencing technology failures (e.g., system shutdowns or network outages) and related operational disruptions due to a covered loss. Such a policy may help reimburse many of the same operating costs as traditional BI coverage, including lost income, employees’ wages and extra expenses.

Examples of covered losses under cyber BI coverage include a variety of security and privacy events, such as data breaches, social engineering scams and ransomware attacks. For instance, if an online retailer’s website gets temporarily shut down due to a ransomware attack, this coverage may help compensate the business for lost profits incurred while the website is offline.

With cyber BI coverage, some insurers may also provide financial protection for digital disruptions caused by human errors (e.g., an employee accidentally downloading a harmful computer virus) or malfunctioning software (e.g., an organization’s network unexpectedly freezing during a routine system upgrade). Further, some insurers may offer cyber CBI coverage, which can help reimburse expenses arising from third-party cyber events that result in software provider shutdowns or cloud vendor outages. 

Coverage Comparison

Despite some similarities, traditional and cyber BI policies are not the same. Here’s a coverage comparison to highlight the main differences between these coverage offerings:

1) Coverage triggers—Both traditional and cyber BI policies have a waiting period, which refers to the amount of time that must pass once a loss occurs before coverage can be triggered. Under traditional BI coverage, the waiting period is typically 72 hours. With cyber BI coverage, however, this period is often shorter. Since cyber events happen quickly and are generally resolved faster than losses caused by property-related perils, the waiting period for such coverage is almost always less than 24 hours, usually between six and 12 hours.

2) Period of measurement—In the scope of BI coverage, the period of measurement pertains to the calculation of lost income caused by an operational disruption. Traditional BI policies primarily apply to commercial property losses that pause typical business activities for long periods, making it relatively easy to determine the period of measurement.

On the other hand, digital disruptions stemming from cyber losses may only last for hours or days, making it more difficult to calculate lost income correctly. To accurately determine the period of measurement and ensure sufficient reimbursement of lost income with cyber BI coverage, it’s best to collect more detailed loss data, such as hourly profit statements and sales records.  

3) Period of restoration—One key factor in determining the overall value of any BI loss is the period of restoration, which refers to the total length of an operational disruption. In most cases, the period of restoration is measured from the start date of a loss (e.g., when property damage occurs or a cyber event initially strikes) until the affected organization fully recovers and resumes normal operations (e.g., when property repairs are completed or digital assets are restored). The period of restoration is often pretty simple to determine when it involves property damage, but cyber events aren’t as straightforward. There can be far less certainty regarding when cyber events start and end, as there could be minimal evidence of physical recovery.

What’s more, some cyber insurers may even define the period of restoration differently than others, prompting more confusion surrounding cyber BI policies than traditional BI policies. Considering these difficulties, it may be necessary to closely review policy wording, consult forensic accountants and assess additional loss elements (e.g., how and when cyber events were detected and resolved, what technology was affected, and which operations were paused) to correctly calculate this period following digital disruptions.

4) Reputational losses—When organizations encounter traditional BI losses, they usually don’t have to worry about reputational damage, as these losses generally stem from perils out of their control. Yet, with cyber BI losses, stakeholders may partially blame organizations for their involvement in cyber events, especially if these events involve a breach of confidential data or are caused by preventable security failures.

Consequently, organizations may experience prolonged profit losses due to diminished customer loyalty even after recovering from cyber events and associated digital disruptions. That’s why cyber BI policies may offer coverage for reputational losses, whereas traditional BI policies do not.

Conclusion

While there are a number of differences between traditional and cyber BI policies, both forms of coverage can prove valuable and offer significant financial protection to organizations facing operational disruptions. Organizations can consult trusted insurance professionals to learn more about these coverage offerings and discuss their specific BI insurance needs.
