Dive Brief:
- The insurance industry is shaping new products for utilities who want to protect themselves in the event of a costly cyberattack, such as one resulting in a widespread power outage, E&E Publishing reports.
- Policies are being carefully written because insurance companies are not sure how large the potential costs are, and utilities are lobbying for greater protections from terrorism-related losses.
- The question of how to quantify cyber-risks for utilities will likely mean a new level of scrutiny by insurance companies on a utility's security system.
Dive Insight:
The costs associated with a power outage are potentially enormous and, in today's smart grid-connected systems, cyberattacks pose unprecedented risk. The 2003 Northeast blackout may have cost some $10 billion, according to one report.
Because every utility is different, insurers cannot offer a uniform product. Each policy is tailored to a utility's needs and existing grid and security system, but the result is a slow spread of new insurance products.
Utilities may already have "valuable existing language" that could help cover them in the event of a cyber attack, according to one attorney interviewed by E&E. He warned insurance companies may balk at paying cyber claims, but also said there have been recent court cases that may help enable such claims.