When people hear about cyberattacks, they often think about data breaches, where confidential, sensitive, or protected information is released to an unauthorized person. That is only one type of cyber loss and one portion of the cyber coverage available on today’s market. As cyberattacks evolve, so has cyber insurance coverage.
Two of the most common cyber risks for the construction industry are: (1) social engineering fraud (i.e., “phishing” or “CEO fraud”); and (2) contingent business interruption (losses caused by interrupted services from a third party). Today’s cyber insurance policies may cover both.
Most of us have been on the receiving end of an obvious phishing email, where the sender attempts to convince us to take some action by impersonating a trustworthy party. Other scams target specific individuals within a company, or imitate the CEO in the company. Sometimes, however, these attacks can be quite sophisticated. For example, the cyber attacker could pose as a trusted vendor, client, or employee (complete with a similar “spoofed” email address), and request payment of an outstanding invoice via wire transfer. Companies of all sizes and in a myriad of industries are targets. The FBI reports in excess of $1.7 billion in such losses in 2020 alone.
This type of loss is unlikely to be covered under commercial property policies. However, coverage is available for such losses under many cyber policies.
Alexandra “Sahsa” Selfridge is an experienced trial attorney in a wide range of civil litigation, including insurance coverage, construction defect, appellate practice, business litigation, premises liability, breach of contract, products liability, and transportation litigation.