Skip Ribbon Commands
Skip to main content

​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​

 

‭(Hidden)‬ Catalog-Item Reuse
Markets
TAGS

XL Catlin Broadens Cyber Coverage for Middle Market

The pace of change regarding technology risk moves very quickly. The impetus for enhancing XL Catlin’s cyber product, CyberRiskConnect, was to get current—then get ahead of the curve.
by
Sponsored by

PRODUCT: CyberRiskConnect

COMPANY: XL Catlin

BEST RATING: A (Excellent)

AVAILABILITY: Coverage is available on an open‑brokerage basis.

FOCUS: From ongoing invention of new technologies to the changing definition of “cyber,” the pace of change regarding technology risk moves “very, very quickly,” says John Coletti, chief underwriting officer for XL Catlin’s Cyber & Technology group in North America. “You get to a point where you tend to be endorsing coverage over and over again just to stay up to date.”

The solution: building forward‑thinking changes directly into a standalone cyber policy. The impetus for enhancing XL Catlin’s cyber product, CyberRiskConnect, was to “get current, and then try to get ahead of the curve,” Coletti explains.

With so many carriers vying for cyber business, what sets the latest version of CyberRiskConnect apart? Colleti cites four features he believes put the product on the “cutting edge.”

First, the policy’s built‑in first‑party coverage for loss of business income does not involve a time restriction. “That’s unique in the market—most of our competitors are limiting that reimbursement period to a certain number of days,” Coletti explains. “We leave it open. Whenever your business is back up and running, that’s when this period of restoration ends.”

Second, although business interruption coverage only kicks in after a waiting period, CyberRiskConnect eliminates the time lapse restriction on extra expense coverage—only a retention applies. “We wanted to motivate our insureds to remedy this problem as quickly as possible,” Coletti says. “The insured can start collecting on that coverage as soon as that cyber event takes place.”

Third, the policy extends the period for data breach response costs from 12 to 18 months. And fourth, it broadens the definition of “third‑party provider.” “Whether they’re entrusted to hold data, provide services, fulfill supply chain or something else, those vendors can have events happen to them that negatively impact our insureds,” Coletti explains. “Under our policy, ‘third‑party provider’ is not only your technology partners. It can mean any business you’re relying on.”

Finally, XL Catlin also allows insureds to select their own preferred breach response providers—legal counsel, computer forensics firms and the like—in the aftermath of a cyber incident. “We believe our vendors are the best in the country, but we don’t want to demand that our insureds have to use them if they have a competent alternative,” Coletti says. “I don’t think the relationship between an insured and an insurer should be adversarial.”

UNDERWRITING: Coverage is available on a primary or excess basis, with limits up to $15 million. In addition to the features outlined above, CyberRiskConnect includes a broad errors & omissions trigger, coverage for third‑party recall loss of use, data breach response and crisis management cost limits on an aggregate or outside‑the‑limit basis, and coverage for data recovery, cyber extortion and ransomware.

Data breach response and crisis management coverage includes fines and penalties assessed, and all third‑party insuring agreements now provide expanded coverage for wrongful acts committed by employees, outsourced providers and other third parties for whose wrongful act an insured is legally responsible.

Enhancements are available to address the payment card industry, social engineering, system failure, dependent business interruption and more.

“Instead of building in every enhancement under the sun, we will provide these enhancements to the insureds as they request them,” Coletti explains. “Cyber and technology insurance policies are getting broader and bigger. We said, ‘Let’s not make a one‑size‑fits‑all policy for every insured out there.’ We don’t want to give someone a 40‑page policy when we could give them a 20‑page policy that is tailored to fit their needs.”

MINIMUM PREMIUM: Varies by risk.

TARGET: Ideal segments include retail, financial, health care, professional services, manufacturing, higher education, power and utility, software, hardware, cloud services, system integration, IT consulting, telecommunication and internet.

But because the type of client that needs cyber insurance has “exploded,” Coletti says XL Catlin takes “very much an open approach. Our target for CyberRiskConnect is any business or technology company” with at least $20 million in revenue.

COVERAGE TERRITORY: All 50 U.S. states.

CONTACT: Elissa Doroff, vice president and product manager, Cyber & Technology; XL Catlin; 200 Liberty Street, New York, NY 10281; 212‑915-6542.

Jacquelyn Connelly is IA senior editor.

13928
Tuesday, June 2, 2020
Cyber Liability