Airmic welcomes Pool Re's inclusion of cyber-triggered terrorism

Pool Re's decision to extend its terrorism cover to include cyber-triggered acts of terrorism is "testament to how far the government has progressed" in its approach to cyber risk, Airmic has said.

"We welcome this as a major step forward for businesses in the fight against terrorism and cyber crime," Airmic CEO, John Ludlow, commented. "I particularly applaud Pool Re, and by extension the government, for evolving its cover into a complex area of risk which addresses aggregate vulnerabilities where the financial consequences can be huge."

Pool Re, the terrorism reinsurance pool, announced last month that, from April 2018, it will extend its cover to include material damage and direct business interruption caused by acts of terrorism using a cyber trigger. The cover, which will exclude intangible assets, will be offered as standard to all policyholders which purchase terrorism insurance from Pool Re Members.

"No one knows how cyber terrorism will evolve," Mr Ludlow added. "The source and nature of global terrorism and the level of sophistication ebb and flow but never go away, so it's excellent to see this proactive step. What is certain is that one cyber attack can take out huge swathes of assets, and that's a real challenge for businesses and insurers."

Gap in coverage

Pool Re's announcement is the culmination of more than two years of work and is based upon a research study which was commissioned from the Centre for Risk Studies at University of Cambridge Judge Business School, to further Pool Re's understanding of the nature of the cyber terrorism threat.

According to its CEO Julian Enoizi, businesses have become "increasingly concerned" about the potentially extensive repercussions a cyber-triggered attack could have, and this move is designed to "future proof" the scheme.

"This was a clear gap in our coverage which left businesses potentially exposed. After rigorous analysis, we determined that we can close this gap," Mr Enoizi commented. He added that it is a "pivotal moment" for Pool Re and "establishes a new standard for terrorism cover and places the UK at the forefront of nations reinforcing their economies against emerging risks."

"Extra comfort for businesses"

The decision represents "significant progress", according to Julia Graham, Airmic's deputy CEO and technical director: "Pool Re is designed to help businesses protect themselves against exceptional and catastrophic events, and this extension in coverage will add an extra degree of comfort for businesses.

"It's a real testament to how far we have come on cyber risk. A few years ago, businesses wouldn't have even known they needed this."

Basing the decision on academic research was the right approach, she added: "Cyber is difficult to define and understand - any extension in cover must be carefully and thoughtfully understood and defined, so it's absolutely right that they've used a credible research team."

Bold step

Pool Re have not released the details of the new cover, but the extent of the cyber coverage is likely to be cautious, for example by excluding the impact on intangible assets, according to Airmic's Mr Ludlow.

"This is understandable," he said. "Of course, we would like to see broader coverage wherever possible, but this is already a bold step and they need to move at a sensible pace. Pool Re has indicated that it will continue to evolve the coverage, which is something Airmic would welcome and support."

Julian Enoizi, CEO, Pool Re