
Myth busting cyber insurance

Does cyber insurance pay claims?

By Glyn Thoms and Martin Berry | July 31, 2020

This article considers the reasons why cyber insurance claims are not paid and provides some tips to ensure that your claims are not among those rejected.


The cyber insurance market has grown significantly in recent years. This is a trend which has continued through 2020, with new buyers coming into the market and existing buyers looking at expanded programmes. Whilst the overall awareness and knowledge of cyber insurance has improved, in our experience a lack of understanding about the scope of the coverage persists and, more importantly, we often hear scepticism about whether claims will be paid. This uncertainty has undoubtedly been fuelled by several high-profile legal proceedings, where press coverage has focused mainly on an insurance claim being disputed, rather than the underlying reasons.


According to the data, the reality around cyber insurance claims paints a different picture. A report issued by the Association of British Insurers (ABI) in 2019 revealed that 99% of claims made on ABI-member cyber insurance policies in 2018 were paid [1]. At the time, this was one of the highest claims acceptance rates across all insurance products. Whilst this is great news for policyholders, it still leaves a small proportion of unhappy clients, whose claims have not been paid as expected. So, what are the reasons for this?

Willis Towers Watson regularly reviews claims outcomes. Our 2020 Cyber Claims Analysis Report, which has recently been published, analysed close to 1200 of our clients’ claims across 50 countries and enables us to understand the nature, trends, causes and cost breakdown of loss events impacting businesses, including why claims haven’t been covered.

Why were claims refused?

In analysing our claims data, a few key reasons emerged which have led to claims not being paid, the main ones being:

  • Using claims/incident response vendors without any prior discussion with insurers in breach of policy conditions;
  • First party coverage was not taken out – coverage was purchased solely for data protection/privacy liability exposures, but NOT business interruption;
  • Claim notified under the wrong policy – Crime policies were the most common;
  • Betterment – costs were incurred in improving IT networks and infrastructure beyond that which existed prior to the cyber incident.

Interestingly, some of the above issues are by no means unique to cyber insurance - they can be witnessed across other lines of insurance.

So, what can be done?

Looking at the reasons claims are rejected, there are several key actions you can take:

  1. Understand what you are buying and why!
    • Do you have a clear understanding of the insuring clauses, conditions and exclusions?
    • Assess what coverage you may have within other insurance lines and how these will interact with a specific cyber insurance policy.
    • Have a clear view of what your key risk exposures are and how your cyber insurance policy responds to these.
    • Do you have an understanding of what claims/incident response service is provided as part of the policy?
  2. Work with your insurers in advance
    In advance of an incident, work with your insurers to ensure your incident response plans align with the cyber insurance policy requirements. This will ensure that insurers have a clear understanding of how your incident response plans operate and what to expect. Doing this in advance will allow you to focus on dealing with the incident rather than worrying about insurers’ consent. Our claims analysis has shown that breach/incident response and crisis management were by far the most commonly triggered insuring clauses, which highlights insurers’ requirement for a proactive and cooperative approach to having breaches investigated and remediated at an early stage.
  3. Notify insurers early
    Early communication with insurers and awareness of the approved vendor lists will help ensure that these types of coverage issues can be prevented.

How can Willis Towers Watson help?

Cyber risk and insurance are continually developing areas. Managing them effectively requires a dynamic approach across a range of specialisms. Our team combines experts with backgrounds in legal, cyber security, insurance broking and analytics.

Our 2020 Claims Analysis report is a great example of how we utilise our team of specialists to turn our data into insight on key cyber risks and exposures and more importantly, utilise this to develop insurance solutions which provide:

  • Clarity of coverage: dispensing with insurance and technology jargon to allow a greater understanding of what is and isn’t covered. This can better inform your overall cyber risk management strategy;
  • Flexibility: to ensure that coverage can be adapted to meet your industry and specific exposures; and
  • Relevance: to address both the established and latest cyber threats that are applicable to an individual’s business.

Ultimately, our role is quite simple: to maximise the opportunity for recovery (financial and operational) in the event of a loss. We are committed to helping clients navigate what can be a complex purchase in order to maximise recoveries, reduce the uncertainty and frequency of unpaid claims and demonstrate the ever-growing value of cyber insurance as an essential component of your cyber management strategy.
