Germany’s Munich Re Group has gone through a rewording process to exclude war from its cyber insurance policies.

Cybersecurity Risk

The measures come out of a fear of potential disputes coming to fruition owing to confusion over is what covered, as cyber warfare stage on the global stage intensifies.

Cyber insurance typically protects organisations against loss of business and damaged infrastructures in the event of a cyberattack, but war is left out of the equation. In areas where the wording could be construed as opaque, insurers are fearing that claims made due to cyber warfare could leave companies understanding that they are covered.

Last week, S&P Global said that the ongoing conflict in Ukraine could lead to insurance losses of over $35 billion, with cyber being one of the most vulnerable classes in the sector.

Munich Re is now pushing to establish greater clarity in its clauses, based on descriptions developed by Lloyd’s of London market in 2021. While not yet “a classic cyber war”, Juergen Reinhart, chief underwriter for cyber, at Munich Re, said that it was best to act now and “not wait.”

Global commercial insurer, AIG is another multinational moving to reduce its links with Moscow through its consideration to cut cover for Russia and Ukraine.

Reinhart has also said how Munich Re may introduce new wording formats on its direct cyber insurance offerings, with the group also hinting that cyber insurance clients follow suit with similar clauses.

Many court cases have arisen over the past 24 months as a result of ambiguous interpretations of insurance policies regarding the Covid-19 pandemic, a situation that has taught industries “how painful it is if you have unclear wordings,” Reinhart added.

“Our intention is to have very, very clear wordings…and avoid surprises,” Reinhart continued.  

Julia Graham, chief executive of UK insurance buyers’ association Airmic, said that all groups need to know where they stand.

“There has been a lot of uncertainty among Airmic members around war exclusions, especially for their cyber policies. The lack of standardised policy wordings on cyber in the market has certainly not helped things,” Graham said.

PrivSec World Forum

Part of the Digital Trust Europe Series - will take place through May, June & July 2022, visiting five major cities; 

Brussels | Stockholm | London | Dublin | Amsterdam

PrivSec World Forum is a two-day, in-person event taking place as part of the Digital Trust Europe series. Data protection, privacy and security are essential elements of any successful organisation’s operational make-up. Getting these things right can improve stakeholder trust and take any company to the next level.

PrivSec World Forum will bring together a range of speakers from world-renowned companies and industries—plus thought leaders and experts sharing case studies and their experiences—so that professionals from across all fields can listen, learn and debate.


PrivSec World Forum