Lloyd’s Carves Out Cyber-Insurance Exclusions for State-Sponsored Attacks

The insurer won’t pay for ‘acts of cyber-war’ or nation-state retaliation attacks.   

Fallout from nation-state sponsored cyberattacks will no longer be covered under cyber-insurance policies issued by famed insurer Lloyd’s of London.

The insurance juggernaut’s underwiring director Patrick Davidson just released four new Cyber War and Cyber Operation Exclusion Clauses, outlining the new terms.

The company explained it will no longer cover losses resulting from “cyber-war,” which it defined as a cyber-operation carried out as part of a war, any retaliatory attacks between specified states, or a cyber-operation “that has a major detrimental impact on the functioning of a state.”

Countries specified in the exemption language are China, France, Japan, Russia, the U.K. and the U.S.

The insurer’s new definition of cyber-war leaves plenty of latitude for the insurer to refuse to pay.

Under the Lloyd’s of London explanation, they can also refuse to pay on nation-state-sponsored attacks on services essential for a state to function, like financial institutions, financial market infrastructure, health services and utilities, according to the exclusion documents.

“In discussion with Lloyd’s it has been agreed that, in respect of standalone cyber-insurance policies, these clauses meet the requirements set out in the

Read More: https://threatpost.com/lloyds-cyber-insurance-exclusions/176669/