No doubt you pride yourself on providing sound risk management advice to your commercial clients. So you talk to your transportation and logistics clients about cyber insurance, yes? You don’t? Then you are far from alone. “Cyber liability is rarely considered in the context of transportation and logistics, even by insurance professionals, and yet like every industry it has exposures to cyber risks” explains Sarah Brailey, head of professional risks at THB. “While transportation and logistics firms work very much in the physical world, they rely on both internal and external networks that are critical to their operations.”
A global example of how the physical and cyber worlds collided happened in 2017 when Maersk, the world’s largest container ship and supply vessel operator, was stopped in its tracks by the NotPetya computer virus, and millions of tons of cargo were left in limbo. The ripple effect across the supply chain affected freight forwarding firms, trucking and logistics companies, and manufacturing industries waiting for deliveries, resulting in an estimated total loss to Maersk of US$300 million dollars.
In the UK, according to the Government’s most recent Cyber Security Breaches Survey (June 2020) the extent of cyber security threats has widened and become more frequent with almost half of businesses reporting cyber security breaches or attacks in the previous 12 months and yet only 32% reporting being insured against cyber risks and only 15% having reviewed the cyber security risks presented by suppliers. Here is how the THB UK Professional Risks team sees the top 10 cyber risks currently facing insureds in the transportation and logistics sector.
Coverages to address the cyber threats facing the Transportation and Logistics Industry
Threats targeting the transportation and logistics sector can come from:
• terrorist groups
• disgruntled or former employees
• nation states
• traditional network operation mistakes
However, there is coverage to help with many of these threats. “Typical elements found in a Cyber Liability policy can potentially address many of these threats” says Sarah Brailey, “and crucially, this coverage is not included in other lines of business such as Property, General Liability or Commercial Combined”. Cyber Liability coverage varies by insurer, but these are some of the elements you should expect to see in a Cyber policy:
Cyber Risk Management Tools
In addition to reactive insurance coverage, it’s also important to consider the various risk management tools available free or at a discount as part of some cyber liability policies, such as:
• Social Engineering spoof tests and training
• Network penetration testing
• Table-top exercises to practice preparedness
• Network traffic threat scoring
• Cyber threat information and template portals
• Free hotlines that allow network security professionals to ask configuration questions
Transportation and logistics firms have meaningful cyber risks that differ from those of other industries, so who can help them address these risks? “THB UK Risk Solutions has specialists in both cyber and transportation who work together frequently, so we’re well suited to placing these unique risks” suggests Sarah Brailey. “We have the largest specialist fleet team in the London market, and we have great relationships with cyber underwriters so for complex risks we can present the business personally and create a tailored solution. We’ve also been developing products in this area for some time so can also offer quick and cost-effective packages which we find are popular with smaller firms.”
Further useful references:
https://www.ncsc.gov.uk/collection/10-steps-to-cyber-security Used by the majority of the FTSE350, the UK National Cyber Security Centre’s “10 steps to cyber security” breaks down the task of defending a firm’s networks, systems and information into its essential components, providing advice on how to achieve the best possible security in each of these areas.
https://www.ncsc.gov.uk/cyberessentials – Cyber Essentials is a simple but effective Government-backed scheme that helps businesses of all sizes to protect themselves against a whole range of the most common cyber attacks.
With thanks to David Lewison, Professional Lines Practice Leader for AmWINS Group, Inc. For more insights from AmWINS on emerging issues and industry trends, visit amwins.com/insights
Views expressed here are for general guidance and do not constitute legal advice. Coverage afforded under any insurance policy issued is subject to individual policy terms and conditions.