In addition to claims for business interruption and remediation costs, insurers may also expect to defend costly lawsuits and face insureds seeking coverage for administrative fines related to cyberattacks. (Photo: Shutterstock)
The cost of cybersecurity incidents to insurers has continued to skyrocket, reflecting the rapid pace and growing sophistication of cyberattacks. The financial stakes also are unprecedented, with as much as $21 trillion of worldwide economic-value creation at risk over the next five to seven years, according to McKinsey research.
Insureds' claims for business interruption and remediation costs alone are already significant. Following the 2017 NotPetya ransomware attack, Zurich American received a $100 million claim from international food conglomerate Mondelez, and American International Group (AIG) received a $1.3 billion claim from pharmaceutical giant, Merck. In both cases, insurers denied coverage based on the "act of war" exception, and ongoing litigation will determine if cyberattacks perpetrated by state or state-linked actors are subject to that exception.
Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader
Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
- Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
Already have an account? Sign In Now
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
