Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Organizations address third-party risks by requiring cyber coverage

Reprints

More companies are insisting their vendors have cyber insurance as the risks associated with these third-party firms rise, say experts.

“I’m finding that companies are asking their vendors to carry more and more robust insurance in limits and scopes of coverage,” said policyholder attorney Scott N. Godes, a partner with Barnes & Thornburg LLP in Washington.

Stephanie Reilly, vice president at Walnut Creek, California-based Relation Insurance Services Inc., formerly Ascension Insurance Inc., said, however, that while some companies are asking their vendors to present some type of proof of cyber liability insurance, there is no certificate that shows all the needed coverages have been acquired.

“Cyber policies vary so much in the various types of insurance coverages they provide ... so it becomes kind of a double-edged sword. But does the customer or the company really know what they have? That becomes one issue,” she said.

Some experts also recommend that organizations ask their vendors to obtain a certification such as the ISO 27001 information security standard.

The standard helps firms manage the security of their assets by providing requirements for their information security management systems.

But even if a vendor has its own cyber insurance coverage, the contracting organization is still going to need to make sure its own policy “is broad enough to take into account even a vendor’s computer systems,” said Jason Krauss, New York-based cyber/errors and omissions thought and product leader for Willis Towers Watson PLC’s FINEX North America business.

 

 

 

Read Next

  • Medical devices open door to cyber risks

    Advancements in technology have propelled development of medical devices being utilized for life-saving treatments, but the ability of hackers to access such devices in a connected world is raising the bar on the need to identify and prevent cyber attacks that can compromise patient safety, experts say.