Insurance Coverage for Cyber Terrorism in Australia

‌

Date of publication
28 February 2020

28/02/2020- The increasing integration of digital technologies into business and infrastructure management and operations has greatly enhanced efficiency but has also led to new vulnerabilities that can be exploited by terrorists and other politically motivated actors to cause harm and economic disruption. In particular, the increasing digitalisation of operational technologies, such as building management systems and industrial control systems, the proliferation of connected devices (“Internet of Things”) and the automation of transport systems will greatly expand the potential for cyber-attacks to lead to serious damage to property, bodily injury and disruptions to critical infrastructure services.

In response to these developments, several terrorism (re)insurance programmes established to ensure sufficient insurance coverage against losses from conventional (physical) terrorist attacks have been examining the risk of cyber-terrorism and how their programmes might respond. The Australian Reinsurance Pool Corporation (ARPC) initiated a research study on the threat of cyber-terrorism in Australia, including the nature and cost of physical damage to commercial property (including business interruption) which may be caused by acts of cyber terrorism.

This report provides an analysis and assessment of insurance coverage and options for extending ARPC coverage. It has been developed based on a review of available policy wordings across four main lines of insurance business (industrial special risk/commercial property, cyber insurance, public/general liability and terrorism insurance) and benefitted from consultations with industrial special risk/commercial property, cyber insurance and public liability underwriters in Australia as well as the administrators of terrorism (re)insurance programmes from around the world.