Cyber Security For Connected Cars Is Challenging. Who Will Insure It?

Cyber Security For Connected Cars Is Challenging. Who Will Insure It?

March 21, 2019 Business Insurance and Risk Management, The Beacon Blog 0 Comments

A recent post on the Silvervine website (https://www.silvervinesoftware.com/2018/02/14/the-complex-challenge-of-cyber-security-for-connected-cars/?) examined the challenges to cyber security for connected cars. These challenges exist all along the supply chain:

  • Design: Coding errors in software could be exploited.
  • Manufacturing: Hardware and software could be compromised during installation.
  • Transit: Cars could be hacked on way to dealership.
  • Dealers: Faulty installation or updating (including failure to update).
  • In use: Attacks on two way communications, and breaches of data produced and transmitted.

These risks are being addressed by auto manufacturers and IT professionals through redundancy and monitoring. However, breaches will occur and insurers will need to address if and how they will cover them. Here is a short list of policies which will be impacted by auto cybersecurity risks:

  • Professional liability for design errors and omissions.
  • Products and completed operations liability for manufacturers.
  • Garage liability for dealers.
  • Data security and privacy plus physical damage for personal and commercial  automobile insurance.

Insurers can address these exposures either by explicit coverage or exclusions. If they ignore them there is a “silent cyber” exposure and insureds can argue they are covered for any loss.

Insurance advisors like Beacon must address these challenges as they review policies.




About the Author

Harry Cylinder

Harry Cylinder, CPCU, ARM has spent nearly fifty years in the insurance industry, the majority of the time as a consultant. He has been employed by The Beacon Group of Companies since 2008, specializing in the review and analysis of property and casualty coverage forms. Mr. Cylinder has been reviewing policy forms as they have evolved over the past decades. In 2008 he published an article in the CPCU Journal which was the first description of cyber insurance coverage for a general insurance audience. Since that time he has regularly written on cyber and other topics for The Beacon Companies’ blog.