Cyber Insurance: What the Trucking Industry Needs to Know Right Now

Joe Ohr - July 30, 2024

Insurance is no substitute for vigilance in preventing cyberattacks. The worst ransomware attack to date cost the target company more than $1 billion. Protection against ransomware attacks is critical, and every trucking company must take the necessary steps to prevent them.

And while not every trucking company embraces the idea of cyber insurance, many find it prudent to have an insurance policy against cyberattacks. For those who do, it’s important to understand the best approach to maximizing coverage and the money spent on it.

Market Trends

Given the constantly evolving cyberthreats, the cyber insurance market is always changing. So Shelly Thomas, Dallas-based senior vice president – southcentral zone regional manager of Marsh’s cyber practice, recently updated us on trends in the market – and what trucking companies need to prioritize in their cyber insurance coverage. Thomas spoke during the National Motor Freight Traffic Association, Inc.’s (NMFTA)™ Digital Solutions Conference on Cybersecurity last Fall in Houston, TX.

Rates have decreased this year due to increased competition among insurers offering cyber insurance policies. However, this positive trend is tempered by a rising number of claims and the risk of a systemic or catastrophic event.

Unique Threats to the Trucking Industry

Thomas shared that trucking companies face unique cyberthreats because of the growing presence of technology in the vehicles themselves – particularly when it comes to technological advancement and the emergence of autonomous vehicles.

“The trucking industry needs to be cognizant of this and really focused on the continued strengthening of their defenses – assessing cyberthreats within their organization and bolstering their cybersecurity posture,” Thomas said. “When you think about trucking, you have the truck itself and the technology in the truck, so when you introduce that third-party technology, you introduce supply-chain risk and potential regulatory concerns.”

What to Do Right Now

Thomas recommended that trucking companies do a deep dive into their existing insurance policies related to property damage and bodily injury, both of which present ancillary exposure. When a trucking company is buying a cyber insurance policy, Thomas said the company should work with its broker to craft solutions specific to the company’s individual risk profile – and always to pay attention to exclusionary language in a policy. Which is standard with any insurance policy, but the trucking company needs to know if certain events or circumstances would result in non-coverage in the event of a cyberattack.

The Impact of Attacks

Nothing has driven up the demand for cyber insurance more than the prevalence of ransomware attacks, which are up 64 percent among Marsh clients in 2023, with a median demand of $20 million.

Understanding Sub-Limits and Retentions

Thomas also urged trucking companies to look at one of the details in the fine print: the sub-limits.

For instance, a policy might cover up to $5 million in cyberattacks but earmark only $1 million for ransomware attacks. That means the company will only have $1 million in ransomware coverage. Before buying a policy, Thomas said trucking companies should ensure there are no sub-limits that don’t work for the company. And if it does, the company should have its broker work with the carrier to adjust those sub-limits.

Companies should also pay attention to “retentions,” which are basically the same as deductibles in that the company is responsible for the amount of the retention before the insurer starts paying the claim. If you have a $25,000 retention on a $5 million policy, then you are responsible for the first $25,000 in costs, but you’re still covered for the full $5 million after that.

Dependent and Contingent Business Interruption

Another critical risk that needs to be addressed is dependent business interruption or contingent business interruption. This insurance agreement covers an organization if a vendor under contract were to have a security breach or system failure.  

To be sure you get the full value from cyber insurance:

  • Work with your broker to understand the details of the policy;
  • Do a deep dive into your needs and vulnerabilities;
  • Make sure everything you need covered is included;
  • Make sure there are no unacceptable sub-limits, and ask for changes if there are;
  • Make sure you completely understand the exclusions; and
  • Make sure you can handle the potential cost of retention.

With these details in mind, protect your company! This is why cyber insurance is available, and in today’s environment it’s needed more than ever.

#NMFTACyber — Your Route to Cyber Resilience

NMFTA is hosting its annual Cybersecurity Conference on October 27-29, 2024, in Cleveland, OH. Thomas’s colleague, Carrie Yang, senior vice president for Marsh Cyber Practice, will speak during Monday’s “2024 Trends and Predictions for 2025 and Beyond” panel discussion.

Make plans today to gain in-depth knowledge about the intricacies of cyber insurance and determine if it’s right for your trucking company.

Joe Ohr
Joe Ohr

Joe is the chief operating officer at the NMFTA. He brings to the organization over 20 years of experience in engineering product software, gained from roles at Omnitracs, Qualcomm, and Eaton. Ohr has provided strategic guidance, vision, and a roadmap for addressing long-term customer challenges. He has played a key role in accelerating revenue growth and has collaborated closely with IT, product, and engineering teams to foster stronger partnerships with strategic customers and peers.