An unnamed sovereign state, terrorists, or a rebel faction pilfered $10 million through an unauthorized wire transfer, and then unleashed Aurora, Stuxnet, or a yet-to-be named cyber-pestilence on your “supervisory control and data acquisition” (SCADA) systems. When the dust cleared, you had $8 million in physical damage to your plant. But your risk manager is not concerned. “This is exactly why we purchased that cybersecurity insurance policy and put the cyber endorsement on our property policy,” she tells you. You relax. Proper prior planning prevents poor performance.
Or did it? Your policies contain a “war exclusion” excluding loss caused by “foreign enemies.” Is all that planning to be negated?