Last Friday’s Distributed Denial of Service (DDoS) attack on DNS provider Dyn Inc., used Mirai, a new malware program, to access internet of things (IoT) devices and flood Dyn’s computers with tens of millions of Internet Protocol (IP) addresses. The attacks untimely shut down websites such as Twitter, Spotify, Netflix, Amazon, Tumblr, Reddit, The New York Times and several other websites throughout the day, an event that Andrew Harris, CEO of Liberty Insurance calls “overdue,” according to a Property Casualty 360 article. “It’s no longer the student hackers or people who do this as a hobby or for fun,” Harris explains, “In the nation states, they have been trying to get into critical infrastructure for some time. That includes banking and insurance … This is a wake-up call for the insurance industry to recognize that we need to advise our clients that cyber protection and cyber awareness is critical.”
Harris explains that this underlines the need for the insurance industry to develop a standard Cyber Liability form which will serve as a basic cyber policy encompassing all sectors. “The first step is building a standard Cyber policy that is an industry standard, with basic coverages on all types of Cyber policies,” said Harris. “As with most of the things that ISO builds, it will be done in conjunction with agents, companies and reinsurers.” By offering a standardized cyber policy, Harris explains that brokers will be more comfortable selling a policy they know includes the basic cyber coverages. The larger clients can then choose to expand to stronger and more sophisticated coverage through “a la carte” policies.