Cyber Risks, Potential Liabilities and Insurance Responses in the Marine Sector

The marine sector is vulnerable to cyber-attacks as it becomes more dependent on information and operational technology systems connected to the internet. While this allows for greater efficiency, the interconnected nature of such systems will expose the sector to new and evolving cyber risks. The research begins by briefly examining the nature of cyber risks, identifying likely threat actors and the motivation behind such attacks. Through the use of hypothetical scenarios, the researcher identified; i) some of the cybersecurity vulnerabilities particular to the marine sector, ii) the potential losses and liabilities from a cyber-attack / incident and iii) analysed how insurance may be used to mitigate the risks focusing specifically on the adequacy of traditional marine policies as well as cyber insurance policies to cover such risks. Traditional marine policies were analysed to identify the gaps in cyber coverage in addition to the recognition that without a clearly written cyber exclusion clause, insurers will be exposed to risks and liabilities they did not intend to cover. As for Assureds, while traditional hull and cargo insurance policies may cover some risk, they will not fully cover losses unique to cyber risks such as network failure, data loss, business interruption, cyber espionage and reputational damage so they too may not have adequate coverage against cyber-attacks. The main conclusion from the research is that marine and cyber insurance policies currently available do not adequately protect against cyber related losses and liabilities particularly those unique to the marine sector. This is primarily due to the extensive list of exclusions found in cyber insurance policies and commonly used cyber exclusions clauses usually attached to traditional marine policies. The coverage limits are also inadequate to cover the potential losses to marine facilities and assets which are usually connected to a complex supply chain