ABSTRACT
This chapter elaborates the difficulties facing cyber-risk insurers and the measures, contractual or otherwise, taken by them to manage such difficulties. It offers some suggestions that insurers, perhaps with the help of regulators, might take to enhance underwriting conditions. This will, of course, be beneficial from the perspective of their clients — shipping companies, cargo interests and others who will seek to purchase cyber-risks insurance as a means of managing their cyber exposure. However, given that most cyber-risks are systemic, there is a real possibility of a “risk aggregation” in the context of cyber-risk insurance. For example, a cyberattack on a major cloud service provider could have harmful effects on many policyholders in many industries, including financial services, software and tech services and retail. There is not much evidence of standardisation in the cyber-risk insurance market in terms of wording of policy forms.
