Insurers' cyber risk exclusions for energy firms 'unsustainable': Marsh
Reprints
Clauses excluding cyber incidents in energy companies' insurance policies are creating an “unsustainable” situation, says Marsh & McLennan Cos. Inc. in its latest Energy Market Monitor publication.
“The cyber risk debate is happening across the whole insurance industry, everywhere in the world,” states the publication.
Many policyholders are developing business continuity plans and contingency planning, it states. “However, the energy market, including the terrorism market, looks set to continue to impose a CL380 clause, which effectively denies all coverage related to cyber incidents,” states the publication. “This is unsustainable and the market needs to respond to a clear risk transfer need,” it states.
Another issue is projects' scale, according to the publication. “Larger and larger projects are putting pressure on the upstream construction market. They may be few and far between, but the largest offshore projects are challenging market capacity and will challenge the general upstream capacity when they become operational.
“The market needs to face up to a dilemma: there is too much capacity for most risks, but not enough for a few,” it states.
Andrew George, London-based chairman of Marsh Inc.'s global energy practice, said in a statement issued Wednesday that, so far, the insurance industry's stance on these clauses “remains largely untested; the global energy sector has not experienced physical damage to facilities or disruption to supply that has been attributed to a cyber-related event, which is testament to its aggressive approach to risk management.”
However, said Mr. George, “a cyber-related incident could potentially have catastrophic consequences. Insurers must deliver innovative products that offer coverage which responds to the changing risk profile of the energy industry, not only to stay relevant, but to help their clients continue to be successful.”
Copies of the publication are available here.
