Abstract
ABSTRACT Faced with defending against myriad online threats, businesses are increasingly turning to insurers to purchase cyber-insurance policies that will shield them from bearing the full costs of these incidents. Eager not to miss out on the expanding market, insurers have aggressively ramped up their cyber-insurance offerings, and in doing so, have assumed enormous responsibility—and power—as the arbiters of what types of state-sponsored cyber-attacks are covered by insurance. This article argues that insurance companies are influencing multilateral processes and setting de facto standards around responsible state behavior in cyberspace through their policies on risk and liability for serious cyber-operations and “cyber-war.” It approaches this issue through the lens of the 2017 Russian NotPetya cyber-attack which led to significant legal disputes between many insurers and their policyholders about whether Russia’s behavior constituted a “warlike action” and was therefore excluded from insurance coverage under standard war exclusions.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
