Zurich Insurance has rolled out a new industry specific endoresements to its cyber insurance policies to provide coverage for manufacturers.
This additional coverage was created due to the increased cyberthreat these companies are now under and the fact that many manufacturers, particularly mid-sized firms, are unaware and possibly less prepared to deal with, the risks posed by cyberattacks, Zurich said.
Cyber exposures covered by Zurich’s manufacturing-specific endorsements include:
• Any components that are part of supervisory control and data acquisition systems (SCADA), programmable logic controllers (PLC) or other industrial control systems;
• Computer hardware, firmware, software and electronic data, as well as associated input and output devices utilized in manufacturers’ operational technology strategy;
• Computer peripheral devices, including wireless and mobile devices, which comprise a growing segment of manufacturers’ overall connected environment;
• Electronic backup facilities, including systems accessible through the internet, intranets, extranets or virtual private networks, which manufacturers use as part of their cyber security defense protocol.
“Today, as manufacturers become more dependent on network connections linking industrial control systems with production machinery, robotics and other vital hardware, they are becoming more attractive targets. If a plant is shut down for any length of time due to a cyberattack, the impact can be significant and long lasting,” said Michelle Chia, head of professional liability and cyber for Zurich North America.
The growing number of cyberattacks, specifically ransomware, that have hit the public and private sector this year have greatly increased the role cyber insurance now plays in dealing with these incidents. A number of municipalities and school districts have cited the fact that this coverage enabled them pay an attacker’s ransom and get their systems back online.
Although paying a ransom is still frowned upon by law enforcement and many cybersecurity executives, as it may not result in files being decrypted and encourages future attacks.