Stand-alone cyber coverage offers additional protection

Cyber risk is a growing concern in mergers and acquisitions, with buyers stepping up their due diligence around the liabilities.

Having a stand-alone cyber insurance policy in addition to representations and warranties coverage can ensure that cyber exposures are adequately covered, experts say.

Insurers are “paying more attention” to cyber risks in mergers and acquisitions, said Jeff Anderson, Atlanta-based director and co-founder of ASQ Underwriting, a managing general underwriter that is part of Alliant Insurance Services Inc.

“We are more finely tuned into that personally identifiable information exposure,” said Mr. Anderson.

While rep and warranties insurance policies typically provide some cyber liability coverage, insurers may require the purchase of a separate cyber insurance policy depending on the risk profile of the company being acquired, he said.

“The representations and warranties policy is not looked to be a replacement for a cyber policy,” said Gary Blitz, New York-based Co-CEO of Aon PLC’s M&A and transaction solutions business in the U.S.

“There could be overlap, but the expectation of underwriters is that the R&W policy would be excess over that cyber policy,” Mr. Blitz said.

Like environmental liabilities, “ideally you should go out and get a separate cyber insurance program to have those coverages addressed,” said Seth Gillston, New York-based M&A and private equity practice leader at Chubb Ltd.

“A commercial cyber policy or environmental policy would tend to have a much lower retention and broader coverage than a representations and warranties policy,” said Mr. Anderson.