Silent cyber cover revisited

The Old Library, Lloyd's
Wednesday, 12 February 2020
1:10 pm – 1:55 pm
    • Ben Edie, Senior Wordings and Technical Counsel, W/R/B Berkley
  • Accident lecture

In this IIL Accident lecture Ben Edie talked about what silent cyber is and, crucially, the steps that are being taken by regulators (and in particular, Lloyd's) to ensure that the extent of cyber cover is properly understood by policyholders, and that there is sufficient understanding and capture of cyber exposures within the insurance industry.

Silent cyber cover has been a focus for UK regulators since the PRA issued its supervisory statement in July 2017. Early in 2019 the PRA wrote to all CEOs of insurers asking for an action plan to be put together providing clarity on how they intend to reduce unintended exposure to non-affirmative cyber coverages.

Lloyd's surveyed the Market with respect to cyber coverage in May 2019. They issued Market Bulletin Y5258 in July 2019, mandating that all policies are to provide clarity regarding cyber coverage through either express exclusionary language, or affirmative cover.

A phased approach has been taken to implementation by Lloyd’s. Phase 1 covered first party property damage policies, applying to policies issued on or after 1 January 2020. New model clauses were issued by the LMA to assist in implementing the requirements. On the Company side, the IUA also issued two model cyber clauses. The nature of these clauses will be considered.

We are now entering Phase 2, covering all other classes of business. Lloyd’s is working with class specific committees to determine how cyber cover is to be clarified. Various draft clauses are being issued to the Market. Lloyd’s follow up bulletin to Y5258 is eagerly awaited. It is hoped that this will have been issued by the time of the talk, and that it will detail the timelines for implementation across all other classes and what is expected in terms of implementation. Assuming the bulletin has been issued, it will be discussed.

The applicable deadlines for implementation are likely to be 1 July 2020 and 1 January 2021 depending on the class. Further model clauses will be issued.

EIOPA have also looked at the issue of silent cyber and other regulators are likely to follow suit.

Phase 2 of the Lloyd’s approach is likely to result in more significant challenges to the market, due to the nature of the insurance being addressed.

Managing agents will need to identify and capture the exposures to silent cyber. Where cover was previously silent on cyber but will be affirmative going forward (typically across professional indemnity and directors and officers’ policies), it may be that cyber exposure has not previously been captured in this way.

By the end of this lecture members would have gained an insight into:

  • What silent cyber is
  • The regulatory requirements to address the issue of silent (with a Lloyd's focus)
  • What insurers need to do
  • Other available options - stand-alone cyber coverage

Chair:
Martin Twells, Cyber Product Manager, FINEX Cyber Insurance, Willis Towers Watson

Venue
  • The Old Library, Lloyd's
  • One Lime Street
  • London
  • EC3M 7HA
View map

Registration & Security

IIL lectures are open to CII and PFS members
CII and PFS members must register online by 12pm one working day before the lecture
For lectures held in The Old Library, Lloyd's pass holders may also attend and do not need to register
All attendees (at any venue) must produce photo ID - either a Lloyd's pass, driving licence with photo or valid passport

Conditions:

  • Email confirmations and photo ID must be produced to security staff at the lecture venue
  • Attendance confirmations are non-transferable to any other person or lecture
  • All venues have limited capacity and registration and/or a Lloyd's pass does not guarantee admission

Please let us know what we can do to make our events fully accessible to you.

Contact:
Please contact Patricia Pedraza (020 7397 3911) with any queries regarding the CPD events programme.

CII Accredited

This demonstrates the quality of an event and that it meets CII member CPD scheme requirements.

3/4 hours' CPD can be claimed for this event if relevant to your learning and development needs.

It is recommended that you keep any evidence of the CPD activity you have completed and upload copies to the recording tool as the CII may ask to see this if your record is selected for review. Details of the scheme can be viewed online at www.cii.co.uk/cpd.