Will Cyberattacks Become “Uninsurable’”?

The days of organizations relying on insurance policies to cover losses after a cyberattack may be coming to an end. This is the assessment of Mario Greco, CEO of Zurich Insurance Group. Amid growing concern about large-scale cyberattacks, Greco warned that cyberattacks will become “uninsurable.” Spiraling cyber losses have prompted the insurance sector’s underwriters to not only push up prices but tweak policies so clients bear more of the losses, writing exemptions into policies for certain types of attacks. Greco calls on governments to “set up private-public schemes to handle systemic cyber risks that can’t be quantified, similar to those that exist in some jurisdictions for earthquakes or terror attacks.” In September, the United States called for views on whether a federal insurance response to cyber was warranted that could be part of, or outside, its current public-private insurance program for acts of terrorism. Since 2011, the United States has said it reserved the right to retaliate with military force against a cyberattack from a hostile state.