LONDON (Reuters) - Britain’s 6 billion pounds terrorism reinsurance fund hopes to extend its cover to include cyber attacks on property, chief executive Julian Enoizi said.
Pool Re, set up in 1993, acts as a backstop to insurers paying out claims on property damage and business interruption.
It is financed by the insurance industry with government backing, and pay outs depend on the British government deeming an attack to be terror-related, Enoizi said.
In 2002, Pool Re extended its cover to include chemical and biological attacks after the 9/11 attacks in the United States.
There have been several cyber attacks on property in recent years. In 2014, a German steel mill suffered damage to the plant’s network from a cyber attack.
Enoizi told Reuters that this and other incidents had been ruled out as terror attacks, but Pool Re needed to be prepared.
“Insurance is there for the unimaginable - we’re here to insure the unforeseen,” he said.
The fund has held discussions with the government and industry, and it hopes to add cyber to its coverage in the next few months, he added.
Enoizi said any increase in the premium costs to businesses for adding this cover would be accompanied by discounts for implementing government-approved cyber security policies.
The U.S. cyber insurance market is likely to have totalled about $3.25 billion in premiums in 2016, according to market survey The Betterley Report. The European market is seen as one-tenth of that, but demand has been increasing, insurers say.
Demand is expected to spike after EU legislation on data privacy is implemented by mid-2018. This will require companies to notify authorities of data breaches likely to harm individuals, similar to U.S. arrangements.
But most cyber policies relate to data loss, rather than attacks on property.
“We see this as a gap in the cover,” Enoizi said.
Cyber attacks on property worry businesses and insurers. These include an attack at some apartment buildings in Finland last year which knocked out the heating system when it was below freezing outside. This attack was not deemed an act of terror.
Insurers have said the source of a cyber attack is hard to prove, and most policies pay out regardless of the cause.
Pool Re’s cover would be limited to terror-related cyber attacks, once the British government assessed it to be an act of terrorism, Enoizi said.
Reporting by Carolyn Cohn; Editing by Edmund Blair