American International Group Inc (AIG.N) said it would include cyber coverage to its commercial casualty insurance beginning in January, a move that would boost rates but make it clearer how customers are covered if they are the victim of a security breach.
The change is part of the insurance giant’s effort to shift from issuing policies that do not specify whether cyber losses are covered, said Tracie Grella, AIG’s Global Head of Cyber Risk Insurance, while on the sidelines of a cyber risk conference in New York on Thursday.
AIG is in the process of reviewing all types of coverage it offers to gauge its exposure to cyber risk, Grella said.
Cyber coverage is a mounting concern for companies worldwide as hackers increasingly take aim at their technology systems.
In September, Equifax Inc (EFX.N), a provider of consumer credit scores, disclosed that cyber criminals had breached its systems between mid-May and late July and stolen the sensitive information of 145.5 million people. The hack is among the largest to occur.
Many commercial insurers offer stand-alone cyber coverage, separate from other property and casualty policies, but cyber coverage is not yet a standard addition to most other policies.
But insurers are also struggling to estimate their potential exposure to cyber-related losses amid mounting cyber risks and interest in cyber insurance.
Information from AIG’s review of existing policies will help the insurer better understand the insurer’s overall exposure, Grella told risk managers and insurers at a conference organized by Advisen Ltd, an insurance industry data and technology provider.
Adding cyber coverage to other types of policies will mean higher rates, Grella said. “When you buy affirmative cyber coverage, you should be paying for it,” Grella said.