Cyber Fraud Negligence Claim Excluded by Claims-Made Policies

A recent legal decision highlights a significant hurdle for organizations seeking coverage for cyber fraud. According to Cyber Threat Intelligence, a negligence claim stemming from cyber fraud was ruled to fall outside the scope of consecutive claims-made cyber policies. This ruling essentially means that if a policy is structured as ‘claims-made,’ meaning it only covers incidents reported during the policy period, and the fraud’s negligence claim wasn’t lodged within that specific timeframe, coverage can be denied, even if previous policies were in place.

This case underscores a critical nuance in cyber insurance: the distinction between when an event occurs and when a claim is made. Cyber Threat Intelligence points out that the court’s interpretation focused on the ‘claims-made’ trigger. Even though the underlying cyber fraud might have occurred over a period, the negligence claim related to it was deemed to have arisen outside the active policy period. This outcome can leave businesses exposed, especially if there are gaps or misunderstandings in how their cyber insurance policies are structured and what triggers coverage.