Business insurance trends, Part 3: Cyber insurance, smart equipment, shipping and a plug for insurance reviews

Kirk Boyd and Emilie Roy

Background. Headline-grabbing issues such as cybersecurity and climate change, pandemic-related losses, increasing D&O claims, and high premiums are prompting businesses to examine their insurance programs for cost saving opportunities or additional coverage options.

Impact. An insurance review takes time, people power, and expertise. This is prompting executives and risk managers to retain independent experts, often lawyers, to help them understand what insurance brokers are recommending and how these recommendations mesh with their business needs. An independent review is particularly beneficial when placing insurance for the first time, comparing different coverage options in advance of renewals, and exploring self-insurance for a portion of an insurance program.

Top tip. Look for legal experts who will give you the knowledge and confidence to have meaningful discussions with your broker and are willing to work closely with them to help navigate the ever-changing insurance landscape.

Eric Charleston and Julie Gauthier

Background. With cyber breaches costing Canadian organizations an average of $6.75 million per incident in 2021 and ransomware attacks increasing in severity and sophistication, it’s becoming more difficult and expensive for organizations to obtain cyber insurance. At the same time, provincial governments are taking the protection of personal information more seriously. Québec’s adoption of Bill 64, for example, will introduce substantial legal requirements for organizations over the next three years — everything from expanded breach reporting to new rules for consent. We expect the rest of Canada to follow Québec’s lead over the next two to five years.

Impact. To obtain cyber insurance at a reasonable cost, organizations will need to convince insurers that they are a good risk. Regulatory changes will mean increased reporting requirements, higher fines and more comprehensive breach investigations. The good news? Having robust security and data management policies, including multi-factor authentication, a strong incident response plan, data mapping and data retention protocols, can help you both win over insurance companies and comply with stricter regulations. These same policies will also help reduce your exposure to liability in the event of a breach.

Top tip. Ask your external counsel if they have pre-packaged programs, such as a cyber hygiene insurability audit, to help you prepare a first cyber insurance application or reduce your cyber insurance costs. Our free cyber hygiene checklist is a great place to start (contact Eric Charleston for your copy). Legal counsel can also help you put together an incident response plan and recommend steps to minimize your threat exposure.

Bob Love and Sarah Makson

Background. Industries that use autonomous vehicles, machinery and systems are able to increase efficiency and decrease costs, and tech adoption is catching on in new sectors such as agriculture, mining and construction. The advantages are obvious. Not so top-of-mind are questions about liability. Who is responsible for defects, breakdowns, misuse, accidents and privacy breaches? What are the implications for intellectual property, marketing, warranties, data rights, cybersecurity and safety? What happens if technology that is integral to operations is discontinued? What risks are assumed by users of autonomous equipment as opposed to owners? Is software — which is licensed, not owned — covered by a general commercial liability policy?

Impact. Businesses that don’t confirm they have adequate insurance coverage for different scenarios may be vulnerable. This also goes for insurance companies that fail to adequately quantify risk, allocate liability and price premiums, and equipment manufacturers and software developers that don’t mitigate their exposure to claims from equipment owners and users.

Top tip. If you’re a business owner, speak to your insurance broker to understand the limits of your liability policies and arrange for supplementary coverage if required, particularly for claims related to software licenses. When it comes to contract negotiation with equipment manufacturers and software companies, businesses should work closely with vendors and legal counsel to determine responsibilities, repercussions for breaches, and liability, particularly in the case of misuse by an end user or failure of the autonomous system.

Jean-Marie Fontaine and Nigah Awj

Background. If a vessel is involved in an incident in Canadian waters, victims can claim for death, personal injury and property damage up to certain liability limits. For larger vessels (300 metric tonnes and up), these limits are set by the Convention on Limitation of Liability for Maritime Claims. Limits for smaller vessels are set by the Canadian Marine Liability Act. Under the Act, ship owners are liable up to a maximum of C$500,000 for property damage and C$1 million for loss of life or personal injury — values that haven’t changed since 2001. Amounts are subject to periodic review and we expect them to double in 2022.

Impact. If you own, operate or manage a small ship, your insurance premiums for incidents in Canadian waters are based on existing exposure limits. Once limits increase, your exposure will increase as well, but your insurance may not cover the difference.

Top tip. Review your insurance policy with your broker to ensure that when the new limits come into effect, you have coverage up to the new liability limits.

BLG is Canada’s law firm for insurance, with more than 150 connected professionals across the country delivering leading edge, no-nonsense solutions for clients who want to review their insurance products, expand or change their business and obtain claims assistance.