Cyber Claims Case Study: Beyond the breach – hospital faces huge operational disruption

Healthcare providers, like any business, are exposed to a range of cyber exposures, including malware attacks, which can have a devastating impact on their operations, especially in relation to system damage and business interruption costs.

In this month’s cyber claims case study we have reviewed a malware attack at a small hospital and how our policy assisted with making the hospital operational again. While many cyber policies exclude physical property and hardware replacement costs, the hospital’s cyber policy from CFC provided cover for these items.

Here are a few key points from the case study:

  • Healthcare organisations have often seen their cyber risk as being primarily about data breaches, but the impact of other cyber events like malware attacks can be just as severe.
  • Any business that relies on computer systems to operate can have a substantial exposure, particularly when it comes to system damage and business interruption costs.
  • Some cyber insurance policies only cover data breaches, but it’s important to also consider operational interruption costs that could be incurred by a destructive malware

Read the full case study here and look out for our next Cyber Claims Case Study next month

CFC’s dedicated policy for nutraceutical companies

Interest in health and nutrition-related products is on the rise, making nutraceuticals an exciting and emerging industry. 

In fact, experts believe that by 2021, the nutraceutical industry alone will be worth $279bn.* An aging baby boomer generation combined with rising awareness about the benefits of a healthy lifestyle, especially among millennials, is driving this growth.

It’s clear that the evolution of this industry represents a huge opportunity for businesses involved in the manufacture and distribution of nutraceutical products. However, this inevitably comes with increasing exposures such as bodily injury or the threat of a publicised recall of a contaminated product.

CFC’s dedicated policy for nutraceutical companies can help manage these risks and provide peace of mind.  Read our brochure for full details.

CFC’s Life Sciences policy is designed to cover the full breadth of unique risk exposures faced by Life Science businesses. This innovative insurance product allows companies along the entire Research & Development chain to secure their funding streams and general business activities. Suitable for a range of companies from drug developers, CROs, CMOs and contract research service providers, our policy includes the below features and can be tailored to meet specific business needs.

Your top GDPR questions, answered

With GDPR now in force, we’ve addressed your most pressing questions to help you and your clients understand the complexities of the regulation.

GDPR was enforced on 25th May 2018. To ensure compliance, any company involved with the collection of personal data needs to make significant changes to the way they collect, process or document the data. Whereas some privacy tools and procedures have previously been seen as good practice, they will now become legally required. Fines for non-compliance can reach up to €20m or 4% of an organisation’s group worldwide turnover.

Whether GDPR applies to you, if it’s just about data breaches, are the fines insurable and whether your cyber / tech insurance policy covers it – it’s all your questions answered. You can read the full document here.

And don’t forget about your partners, especially if you’re a data processor. If you use sub-processors or contractors, they’ll need to comply with your contractual data protection obligations too. For more information on how the GDPR impacts data processors, view our quick guide.

CFC launches first insurance offering for financial institutions

Comprehensive policy for investment managers extends traditional cover to include cyber and kidnap and ransom

Specialist insurance provider, CFC, has launched its first insurance solution for financial institutions. CFC’s Investment Management Insurance (IMI) policy is the first in a suite of products designed to address the challenging risk environment faced by investment managers.

Combining its heritage in cyber and technology insurance with expertise in financial institutions, CFC’s IMI product knits together the traditional cover that investment managers require with comprehensive cover for emerging risks including cyber and kidnap and ransom, into a single policy.

Cover is provided for management liability, professional liability, crime, and regulatory investigations, and cyber coverage can be easily added on to protect against the financial impact caused by privacy and cyber-crime events. Should they need it, policyholders also have access to CFC’s industry-leading incident response team. Additional D&O limits are available for non-executive directors.

The IMI policy also offers global coverage as standard, so that companies are covered for claims made anywhere in the world, not just in a single territory.


Neil Beaton, Financial Institutions Practice Leader at CFC, said, “Financial institutions are not only changing how they do business by utilizing technology in new and different ways, they’re also subject to significant regulatory burden and an increasing threat of cybercrime,” he added. “The insurance market has failed to adapt to these new exposures, so CFC is developing a modern, relevant suite of products that cater to the emerging risks that financial institutions face today. We saw a clear gap in the market for a comprehensive product addressing the need for protection against emerging, complex risks in the investment management space. Being able to offer a fully-blended policy reduces gaps and overlaps in cover.”


CFC’s IMI product is suitable for hedge funds, long-only equity funds, private equity and venture capitalists, REITs and other property (UK) and real estate (US) funds as well as registered investment advisors. It provides investment managers and financial institutions with a maximum liability limit of $10,000,000 and minimum policy premiums start at $10,000.

CFC announced the creation of its financial institutions practice led by Neil Beaton in November 2017. Beaton was recently joined by veteran financial institutions and cyber underwriter Josephine Tam, most recently of JLT Speciality and Axis Insurance in New York.

You can find out more about the Investment Management Insurance policy here.

Cyber Claims Case Study: The importance of cover for data re-creation

Cyber risk often touches companies in unexpected ways. In May 2017, an engineering firm learned this when it lost access every last piece of data it held. This included all of the firm’s technical drawings, prints and complex design specifications.

We’ve created a in-depth case study about the event and how our policy helped calculate and cover the financial loss associated with total data re-creation. Here are a few takeaways:

• Even if an organisation is not storing personal data, they are still likely to have cyber exposures.

• Any business that relies on computer systems to generate or store business critical information is vulnerable to cyber risks if they lose or are unable to access their digital files, and purchasing a cyber insurance policy that provides appropriate cover is a key way of managing these risks.

• There is a key difference between data recovery and data re-creation. Lots of cyber policies will only cover the cost to recover data from back-ups, not the cost to re-create data. CFC’s cyber policy provides cover to re-create data from scratch.

Read the full case study by clicking on the link below, and stay tuned for more Cyber Claims Case Studies, now coming to you monthly.

Read the full case study here

CFC launches cyber insurance guide for brokers at BIBA 2018

BIBA press releaseSpecialist insurance provider behind BIBA’s cyber insurance scheme, CFC, will be launching its new BIBA Cyber Guide at BIBA 2018.

While one of the most talked about topics in business insurance, cyber insurance also seems to be one of the most misunderstood. CFC’s new guide aims to cut through the jargon and buzz words and bring simplicity to what has long been considered a complex line of business.

NOW AVAILABLE: Click here to read the BIBA Cyber Guide

“Cyber insurance policies tend to be modular in nature, consisting of a variety of different coverage areas so it’s no wonder that this has led to confusion around what they cover and how they work,” says James Burns, Cyber Product Leader at CFC. “We’ve worked with BIBA to produce this straightforward guide providing brokers with clear information about what cyber is all about and how they can articulate it to their clients.”

CFC’s BIBA Cyber Guide gives brokers simple information about what cyber actually means and how this area of insurance has evolved. It covers the types of cyber risks and types of cyber claims, drilling down into how a policy responds and providing brokers with some valuable tips on how they can overcome the most common objections they face when discussing cyber with their clients.

To guide brokers through the cyber maze, Graeme Newman, CFC’s Chief Innovation Officer, will be talking through the new BIBA Cyber Guide in a Seminar Session at 10.40am on Thursday 17 May. He will be joined by Richard Hollis, CEO, Risk Factory who will share his perspective on cyber threats.

CFC’s International Cyber Team Leader, Lindsey Nelson, will also be helping young brokers to build their cyber knowledge at the Young Broker Session at 12 noon on Thursday 17 May. Specialising in cybercrime as it pertains to companies across various industry sectors, Lindsey will discuss the real cost of cyber incidents in the UK and preventative risk management practices that companies can introduce.

Delegates will also have the opportunity to meet CFC’s underwriting experts managing both the BIBA cyber and product recall schemes on stand B51 to find out more about each proposition and the benefits they deliver to BIBA members and their clients, as well as the many other specialty products available from CFC.

Click here to read the BIBA Cyber Guide

CFC tops the charts in the Insurance Times Cyber Product Report 2018

Team celebrating We are proud to have taken the top spot in this year’s Insurance Times Cyber Product Report. Our cyber policy achieved the highest score in the review test, scoring 90 out of 100 points, and marking us out as the only provider to receive the publication’s superior cover rating – with the highest level of coverage available for the SME market.

We were called out in particular for the wide range of risks that we cover (the broadest of all the policies reviewed for this report), insuring against everything from business interruption to reputational damage following a breach. Given the pace at which cyber risk is evolving, maintaining up-to-date and relevant coverage is a constant focus for our team.

Our policy also received particular recognition for the fact that it does not include exclusions for cyber events arising from terrorism or socially motivated hacking, nor an aggregate limit that would otherwise restrict cover in the event of multiple cyber breaches within a single policy period.

Some of the additional benefits that we offer, extending above and beyond the rating criteria used in this report, are:

– Enhanced cyber crime definitions that include cover for theft of funds.

– Provision of a range of crisis management and other incident response services, such as forensic IT investigations, legal services, breach notification and crisis communications, as well as a dedicated app that provides 24/7 access to CFC’s global cyber incident response centre.

Beyond this, we are particularly pleased to have been recognised for our “clear and concise” policy wording. This is so important, and core to our DNA. A commitment to simplicity avoids any confusion around which scenarios are covered and which are not.

As the nature of crime changes, so too must insurance policies. We’re on it – and leading the way.

Click here to read the 2018 Report

This report was reproduced with permission from Insurance Times. All rights reserved. No part of this publication may be reproduced or transmitted in any form, by any means, electronic or mechanical, including recording, photocopying or any information storage or retrieval system, without written permission from the publisher.

Royal Accolade for CFC Underwriting

Royal Accolade for CFC UnderwritingCFC is proud to announce that Her Majesty The Queen has approved the Prime Minister’s recommendation that CFC should receive a Queen’s Award for Enterprise in the International Trade category.

Winners in this category are recognised for having demonstrated a substantial and sustained increase in export earnings over three consecutive 12-month periods, to a level which is outstanding for the products and services concerned, and for the size of the organisation.

With a track record of pioneering emerging risks and disrupting inefficient insurance markets, CFC has grown to become one of the fastest growing specialist insurance providers in the UK. From just one office in the City of London, the business provides its range of insurance products exclusively through authorised insurance brokers in over 75 countries around the world.

CFC was previously awarded a Queen’s Award for Enterprise in International Trade in 2013.

“Speaking on behalf of the entire team, we are incredibly honoured to once again be recognised by Her Majesty The Queen for our contribution to UK business in achieving substantial growth in overseas earnings,” says David Walsh, CFC’s founder and CEO. “We are an insurance exporter in the truest sense of the word. We don’t set up local operations or buy up the competition, we export. Last year we brought in over £150m in premiums to the UK from overseas customers who would normally have purchased their insurance locally.”

“At CFC, we are very proud that today 60% of our business is owned by management and staff. Our success lies in their passion, entrepreneurialism, dedication and sheer hard work to deliver remarkable products and service. This award recognises their efforts. I couldn’t be more proud of them and firmly believe that by continuing to support these qualities in our team, we will achieve our business goals.”

The Queen’s Awards for Enterprise have been operating in various forms since 1966, developing over the years into the UK’s most prestigious business accolade. Today, the Awards are widely recognised as a highly valued mark of excellence across many sectors in a diverse and competitive business market.

CFC now offers Umbrella Excess cover

Suited man with technological umbrellaWe know what you’re thinking… in London without an umbrella?!

Not anymore!

CFC now offers Umbrella Excess to new and existing clients in the US.

With limits of up to $5 million, our Umbrella Excess can sit over a client’s auto, employers’ liability, general liability and errors & omissions policies. The policy extends a client’s primary limits providing extra peace of mind and maximum protection.

Umbrella Excess is offered by our Professions, Technology, Healthcare, Media, Life Science and Property & Casualty teams, and is available for a wide range of professional firms. From accountants and architects to IT programmers and recruitment agencies – if we’d offer an E&O policy, we’ll likely be able to write the excess cover.

Read our coverage highlights here, or get in touch with our underwriting teams to learn more.

CFC expands cyber proposition for US healthcare providers

CFC expands cyber proposition for US healthcare providersToday we’re pleased to announce the newest version of our cyber insurance product for US healthcare providers. With the latest policy, CFC enhances its combined cover for privacy and operational disruption with industry-specific features to help healthcare organizations prepare for and respond to cyber incidents as well as comply with industry regulations.

“While most healthcare providers are aware of their privacy and data breach exposures, they can easily overlook cover for operational disruption. The unprecedented increase in malware attacks has shown that operational exposures must be addressed – in fact, we’re now seeing the costs of operational disruption and rebuilding far exceed what a large-scale privacy breach might cost the same entity,” said CFC Cyber Product Leader, James Burns. “Our stand-alone cyber product for the US healthcare sector is tailored to their unique risks, helping limit the impact of a cyber incident on their organization.”

CFC’s latest cyber insurance product addresses the exposures and regulatory requirements unique to US healthcare organizations and ensures that core elements of cover are available each time a crisis strikes, even if a policyholder experiences multiple cyber incidents in the same policy period.

Unlike most cyber insurance products, CFC’s cyber policies offer the provision of first party cover on an “each and every claim” basis and don’t restrict policyholders with policy aggregates. Additionally, CFC’s cyber offering for US healthcare providers is one of the only available cyber products to include cover for HIPAA corrective action plans and cover for bodily injury resulting from a cyber attack alongside cover for the costs associated with improving risk management controls following a breach, system repair costs and incident response costs in addition to the limit.

Burns adds: “CFC offers a market-leading cyber insurance product backed by a global response capability which ensures our policyholders not only have comprehensive cover, but that they can recover quickly from cyber incidents.”

CFC has the largest dedicated cyber underwriting and claims team in the London market. Learn more about CFC’s Cyber for Healthcare insurance offering, or read the CFC cyber blog.