Cyber security insurance

Legalities: Don’t think the threat of industrial security breach isn’t real. Now there’s insurance to help mitigate financial risks related to cyber security and other threats to control system integrators and their clients.


Industrial HMI by Control Engineering, CFE MediaControl system integrators (CSIs) are playing an increasingly important role in helping our world go round. In fact, it would be difficult to find a person not touched in some way by the work CSIs do. But the insurance industry has been slow to understand and accommodate this industry, meaning most CSIs are buying policies that are unsuitable for them; many policies fail to address and even exclude coverage for some of the basic exposures CSIs face, including cyber security threats.

As parts of the world develop and we all become increasingly reliant on control systems of all kinds in our everyday lives, it will be more important than ever that these gaps are addressed. So let’s go back to the basics by exploring what types of coverage CSIs should really be on the lookout for.

Breach of contract

The single biggest risk facing CSIs is breach of contract. Control systems such as industrial control, manufacturing execution, and plant automation systems, even in their simplest forms, are critical to business success. Delivery delays and not delivering in accordance to what clients expect are two major exposures here. If a client experiences a loss of income due to a delay, error, or even a simple misunderstanding, one can expect the client to claim these costs back from the systems integrator.

The problem is that insurance policies very often have an exclusion for contractual liability. Most professional liability (PL) policies, also known as errors and omissions insurance, were written for traditional professionals like doctors and lawyers, where there is a clear duty of care between the insured and their client, and therefore the contract is merely implied. For CSIs, contracts are central to the way work is undertaken. Take care when looking at this part of a policy to ensure that contractual liability is covered.

Bodily injury, property damage

CSIs use industrial automation equipment and software in the implementation of projects across many industries. A risk lies when these components end up in operational situations that can give rise to bodily injury or property damage. Examples include everything from malfunctioning theme park rides to faulty drilling systems in use on oil rigs as demonstrated by the Deepwater Horizon oil spill in 2010.

Frequently, professional liability policies only include financial loss, so it is vitally important for CSIs that their PL policy is extended to include contingent bodily injury and property damage. Ideally, the professional and general liability coverage would be combined in the same policy in order to avoid the potential for gaps in coverage or arguments arising between insurers. It is also essential that policies do not contain any definitions of technological activities that could restrict coverage.

Cyber threats

An emerging but already very real risk for CSIs is the threat of a cyber attack. Highly sophisticated hackers are increasingly targeting control systems in order to cause major disruption, whether motivated financially or ideologically. A good example of the latter is the Stuxnet virus, which was used in 2010 to disable an Iranian nuclear power plant. The ability to cause havoc from afar is incredibly attractive to terrorist organizations, national defense departments, hackers with a point to prove, and many others.

Indeed, Norton predictions indicate that 2012 will be the worst year so far for hack attacks fuelled in part by so called “hacktivist” protest attacks and cyber terrorism.

With clients increasingly seeing their control systems being the target of cyber attacks, it is inevitable that they will seek to recover any losses through a claim against the integrator. As a result, it is more important than ever to ensure that any terrorism exclusion in a professional or general liability policy is amended to ensure that coverage is still provided for cyber attacks.

Although the insurance market has been slow to catch up with the evolving needs of CSIs, this is changing. Specialist insurance policies that have been tailored specifically to address the risks outlined above are available through groups like the Control Systems Integrators Association.

Also see July cover story on cyber security.

- Graeme Newman is director of CFC Underwriting and discussed insurance with Control Engineering at the CSIA 2012 Executive Conference. Edited by Mark T. Hoske, content manager CFE Media, Control Engineering, Plant Engineering, and Consulting-Specifying Engineer, 

ONLINE extra

Search “Legalities” atop for other engineering legal discussions.

No comments
The Top Plant program honors outstanding manufacturing facilities in North America. View the 2015 Top Plant.
The Product of the Year program recognizes products newly released in the manufacturing industries.
The Engineering Leaders Under 40 program identifies and gives recognition to young engineers who...
Safety for 18 years, warehouse maintenance tips, Ethernet and the IIoT, GAMS 2016 recap
2016 Engineering Leaders Under 40; Future vision: Where is manufacturing headed?; Electrical distribution, redefined
Strategic outsourcing delivers efficiency; Sleeve bearing clearance; Causes of water hammer; Improve air quality; Maintenance safety; GAMS preview
SCADA at the junction, Managing risk through maintenance, Moving at the speed of data
Safety at every angle, Big Data's impact on operations, bridging the skills gap
The digital oilfield: Utilizing Big Data can yield big savings; Virtualization a real solution; Tracking SIS performance
Applying network redundancy; Overcoming loop tuning challenges; PID control and networks
Driving motor efficiency; Preventing arc flash in mission critical facilities; Integrating alternative power and existing electrical systems
Package boilers; Natural gas infrared heating; Thermal treasure; Standby generation; Natural gas supports green efforts

Annual Salary Survey

Before the calendar turned, 2016 already had the makings of a pivotal year for manufacturing, and for the world.

There were the big events for the year, including the United States as Partner Country at Hannover Messe in April and the 2016 International Manufacturing Technology Show in Chicago in September. There's also the matter of the U.S. presidential elections in November, which promise to shape policy in manufacturing for years to come.

But the year started with global economic turmoil, as a slowdown in Chinese manufacturing triggered a worldwide stock hiccup that sent values plummeting. The continued plunge in world oil prices has resulted in a slowdown in exploration and, by extension, the manufacture of exploration equipment.

Read more: 2015 Salary Survey

Maintenance and reliability tips and best practices from the maintenance and reliability coaches at Allied Reliability Group.
The One Voice for Manufacturing blog reports on federal public policy issues impacting the manufacturing sector. One Voice is a joint effort by the National Tooling and Machining...
The Society for Maintenance and Reliability Professionals an organization devoted...
Join this ongoing discussion of machine guarding topics, including solutions assessments, regulatory compliance, gap analysis...
IMS Research, recently acquired by IHS Inc., is a leading independent supplier of market research and consultancy to the global electronics industry.
Maintenance is not optional in manufacturing. It’s a profit center, driving productivity and uptime while reducing overall repair costs.
The Lachance on CMMS blog is about current maintenance topics. Blogger Paul Lachance is president and chief technology officer for Smartware Group.
This article collection contains several articles on the vital role of plant safety and offers advice on best practices.
This article collection contains several articles on the Industrial Internet of Things (IIoT) and how it is transforming manufacturing.
This article collection contains several articles on strategic maintenance and understanding all the parts of your plant.
click me