CFC has introduced a customer-led business interruption extension to its Cyber Proactive Response policy, enabling SMEs to insure against income loss caused by a cyber attack on a major customer.

Available globally, the extension responds to contingent business interruption where a key customer cancels orders for a period following a cyber incident. It is aimed at small businesses that depend on a material proportion of revenue from a single customer and may suffer financial loss despite not being directly affected.

“The cyber attack suffered by Jaguar Land Rover demonstrated acute vulnerability in the supply chain because of dependence on one major customer whose business has effectively been shut down by cyber criminals,” said CFC’s head of global cyber underwriting, Scott Bailey. “Whilst unable to operate its own business as normal during the attack and recovery period, JLR was forced to cancel orders with its hundreds of suppliers, decimating the short-term fortunes of many of its small business providers.”

CFC has acted as a British Insurance Brokers' Association cyber insurance scheme provider since 2004, and is making the extension available to brokers across the UK.

Graeme Trudgil, CEO of BIBA, said the policy was potentially a "game changer".

“We are seriously concerned that small and medium-sized firms face a real risk of a drop-off in demand if companies at the top of their supply chain suffer a cyber attack," he added.

---