Out-Law / Your Daily Need-To-Know

Out-Law News 2 min. read

Civil fraud recovery can help companies claim back cyber crime losses from insurers, says expert


Companies that take steps to recover losses stemming from cyber crime are more likely to be able to claim back the losses they themselves cannot recover through insurance claims, an expert has said.

Civil fraud and asset recovery specialist Alan Sheeley of Pinsent Masons, the law firm behind Out-Law.com, said there are tools businesses can tap into to combat fraud stemming from the growing prevalence of cyber crime.

Sheeley said that civil fraud solicitors can be engaged to use tools such as disclosure orders to compel computer server providers, website hosts, credit card companies and banks to share details that can help identify fraudsters without them knowing.

"Once the ultimate fraudster is found, civil fraud solicitors, on behalf of the victim, can then deploy search and seize orders, which enable the victim's solicitor to enter the fraudster's properties to preserve evidence, and freezing orders, to enable the victim's solicitor to freeze the fraudster's bank accounts to avoid dissipation of the stolen monies by the fraudster," Sheeley said.

He said that victims of fraud cannot rely on law enforcement to help them recover losses and that those that do risk insurers refusing to pay out on any claims over those losses.

"Failing to act in a way which is aimed at mitigating loss could lead to the insurer refusing to cover claims made on the policy," Sheeley said.

The expert was commenting after a new report by Allianz Global Corporate & Specialty (AGCS) (32-page / 3.99MB PDF) said that the annual cost of cyber crime to the global economy is $445 billion. AGCS is a division of the insurance giant Allianz Group.

The AGCS report said that cyber risk is likely to increase as the 'internet of things' grows and devices become more interconnected. It said that continued use of older devices as technology improves is a further risk to cyber security if those devices "rely on outdated operating systems and unsupported software", and further warned of the potential risk to multiple businesses if cyber crime affects a single cloud provider they all use.

The report also said that it is "increasingly likely" that a single cyber security incident will put a company out of business in future or even lead to loss of life.

"While there have been some very large data breaches, there has yet to be a major cyber event of truly catastrophic proportions," the AGCS report said. "The impact could be severe. An attack or incident resulting in a huge data loss, BI or reputational damage could potentially put a large corporation out of business. A major data breach or network outage for a cloud service provider could cause business disruption for hundreds of companies."

"Another catastrophic scenario could result from a successful attack on the core infrastructure of the internet. Other scenarios could see an incident involving an energy or utility company resulting in a significant outage, physical damage or even loss of life in future, while a cyber war between two countries could disrupt services around the world," it said.

AGCS said that it expects the cyber insurance market to grow in the next decade. The market could be worth in excess of $20bn by 2025, compared to about $2bn now, it said.

Standalone cyber insurance policies will become "the main source of liability cover" as the market develops, and cyber concepts and wordings are likely to be tested in legal disputes, it predicted.

The insurance industry must overcome a skills shortage if the cyber insurance market is to grow, however, AGCS said.

"While the cyber insurance market is growing rapidly, certain factors are holding back even more rapid development," it said. "Businesses’ ability to understand their own exposures, the ever-evolving nature of cyber risk and awareness of the different data protection laws globally all present challenges. Education of businesses, brokers and underwriters is key."

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.