Insurance Coverage
Underwriting is based on regulatory requirements
  • IMO 2021/ISPS: cyber security risk management now a regulatory requirement for safe operations
  • From a regulatory perspective all ships need to be cyber seaworthy : a fundamental legal principal for a prudent shipowner, reinforced in conventions
  • Ports have similar national requirements (e.g. US Coast Guard Maritime Cybersecurity Assessment and Annex Guide)(MCAAG)
Introducing AstaaraCyber – Ships / Ports physical loss of damage only cover
Section Cyber insurance coverage Commentary
1 Cyber Incident definition
  • An un-authorised act or activities on a computer network controlled by the insured
2.1.1 Physical loss or damage to ship
  • Cost of repair to hull as per the cover afforded on a non cyber basis
  • Coverage would also respond to sue and labour expenses to mitigate loss e.g. cost of tow + ships proportion of General Average (GA)
2.1.2 Loss of hire
  • Cost of loss of hire for duration (up to insured limit) of cyber incident subject to damage to the ship as per underlying non cyber coverage purchased by insured
2.1.3 Confiscation / Expropriation / Nationalisation / Deprivation
  • Full hull value Constructive Total Loss (CTL) / Actual Total Loss (ATL) arising from foreign state cyber incident leading to CEND event
2.2 Ports Physical loss or damage, liability and port craft
  • Coverage as per Wavelength, the main Ports wording used
2.3.1 Breach Response (incl. Defence & Remediation and Fines / Penalties)
  • Costs of response / incident management
  • Cost of fine or penalty arising from cyber incident leading to a fine under safety legislation / cyber security legislation and or GDPR or privacy laws
2.3.2 Non-physical damage to ship / ports IT systems
  • Cost of repair / reinstatement to information technology where damaged or non-physical damaged
Shoreside cover

Taken from: MOVE FORWARD: STEP BY STEP TOWARDS A DIGITAL PORT. A White Paper issued by Port of Rotterdam and the British Ports Association

Section Cyber insurance coverage Commentary
1 Cyber Incident definition
  • An un-authorised act or activities on a computer network controlled by the insured
2.3.1 Breach Response (incl. Defence & Remediation and Fines / Penalties)
  • Costs of response / incident management / media / legal
  • Cost of fine or penalty arising from cyber incident leading to a fine under safety legislation / cyber security legislation and or GDPR or privacy laws
2.3.2 Non-physical damage to shoreside IT systems
  • Cost of repair / reinstatement to information technology where damaged or non-physical damaged
2.3.3 Data Restoration
  • Additional costs incurred (with limitations) in reinstating or restoring data assets
2.3.4 Data Loss
  • Costs and expenses incurred following a breach of privacy legislation in respect of personal data; commercial data and security / confidentiality
2.4.1 Business Interruption
  • Loss of revenue and extra expense
2.4.2 Cyber crime
  • Costs incurred following an illegal or unlawful demand (ransomware) and sub-limited e-theft cover
Please access the website using a computer