Historically, cyberattacks have targeted data and information systems, but the threat landscape is shifting. Cyber incidents are increasingly impacting critical infrastructure, machinery and equipment, leading to physical damage such as fires, explosions and machinery breakdowns.

These events can compromise:

1. Process controls in industrial environments
2. Communication systems in water treatment facilities and pipeline operations
3. Safety functions in building automation
4. Navigation systems in autonomous vehicles

The consequences range from operational disruptions to serious safety risks.

Coverage Gaps in Traditional Insurance

Cyber insurance policies typically exclude physical and property damage, while property insurers have introduced cyber exclusions to limit liability for such events. This evolving risk profile is creating coverage gaps challenging traditional insurance frameworks.

The Rise of Cyber Incidents with Physical Consequences¹

The 2017 NotPetya and WannaCry ransomware attacks triggered lawsuits against property insurers, who argued these losses fell outside traditional property coverage. In response, insurers conducted portfolio audits and introduced diverse cyber exclusions across property and other lines.

Broad Cyber Exclusions

Lloyd’s led the market by implementing broad exclusions in property and casualty policies.² These often include:

• Full exclusions with writebacks for resulting fire, explosion or mechanical breakdown
• Split exclusions distinguishing between:
  • Malicious cyber acts (typically excluded)
  • Non-malicious incidents (sometimes covered)

Even when coverage is available, it’s often limited to direct physical loss, excluding consequential losses like business interruption. Some exclusions are absolute, removing all coverage regardless of cause or intent. In layered property programs, these exclusions can vary by insurer, creating inconsistent coverage gaps.

Emerging Insurance Solutions

To address these gaps, insurers are offering blended coverage solutions that integrate Cyber, Property and Casualty protection. Key options include:

• Cyber insurance with Property Damage DIC (Difference in Conditions) dropdowns
• Custom Cyber Property Damage policies with traditional cyber options
• Cyber insurance with added physical and non-physical coverage

Coverage limits can reach $500M+, available as standalone programs or integrated with traditional cyber policies.

Information Required for an Indication

Buyers can obtain a non-binding indication with:

1. Their cyber submission
2. Annual revenue
3. Business interruption values
4. Property policy

Additional documentation, such as an Operational Technology Cyber Property Damage application or an underwriting call, may be needed to bind coverage.

The Brown & Brown Approach

As automation, robotics, cloud computing and AI become embedded in business operations, it’s critical to scenariotest exclusions to avoid unintentionally restricting coverage.

Cyber-physical impacts vary by:

• Industry
• Business model
• Technology use
• IT controls
• Ownership of physical assets

Brown & Brown offers tailored risk assessments and cyber risk modeling to identify exposures and insurance gaps. Our team is actively tracking market developments and can provide strategic guidance.

Contact your Brown & Brown representative to explore how we can support your cyber-physical risk strategy.

1. 2025 OT Cyber Threat Report – Waterfall & ICS Strive https://waterfall-security.com/wp-content/uploads/2025/03/2025-OTCyber-Security-Threat-Report.pdf?mc_cid=53c324e382&mc_eid=0069fc2d69

2. Examples can be found at https://lmalloyds.com/wp-content/uploads/2025/06/CyberClauses-update-9-December-2024-1.pdf

Property & Casualty Team