Technology and cyber risks have become a major factor in vendor management for all companies across all industries.  As our world becomes increasingly interconnected and dependent upon outside third parties to underpin key components of the development, creation, and delivery of goods and services, the inherent risk of a supply-chain or vendor-based technology incident will only grow.  A robust technology-focused vendor management program should include strong indemnification protections, favorable (or no) caps on liability, and as a financial backstop for small vendors, quality technology E&O and cyber insurance.

Typically, there should not be a gap in coverage for cyber or technology related claims which originate at a vendor or third party, if both the vendor and the client have cyber and/or technology E&O coverage in place.  In most scenarios, the vendor’s insurance policy would cover the incident as a technology E&O claim, reimbursing the client for damages.  But, there are situations where this may not be the case, such as:

  • The vendor does not buy technology E&O or cyber insurance
  • The vendor is underinsured for technology E&O or cyber incidents
  • The vendor exhausts their available technology E&O or cyber insurance

When this happens, most well-brokered cyber insurance policies in place for the client should cover the client for their own costs associated with responding to a privacy or security incident originating at a vendor.  Simply put, the client’s own cyber insurance would respond as though the client had been the cause of the loss, leaving the insurers to pursue subrogation against the vendor.  While this helps protect our clients from an uninsured loss, there remains the possibility of the client paying a high self-insured retention or being exposed to a non-covered claim.  This potential capital issue can be mitigated through a vendor insurance management program.

Given the proactive approach that many of our clients take, we have partnered with select A-rated domestic carrier partners to create a facility for our clients to access when their US domiciled vendor partners are struggling to find competitive capacity.  If your vendors are uninsured or underinsured when it comes to technology E&O and/or cyber insurance, CAC’s new facility is available to United States domiciled vendors under $250 million in annual revenue and in nearly every industry class. The process is quick and cost effective, with several key benefits:

  • Easy and simplified underwriting process
  • Fast turnaround time
  • Individual limits and policies for each vendor
  • Competitive premiums
  • No administrative burden or cost-outlay for our clients
  • Industry-leading domestic carrier partners with admitted paper


For more information please contact a member of your CAC Specialty team.

ADAM LANTRIP | Professional Liability & Cyber Practice Leader | Direct: (404) 754-4848 |

LAURA BURKE | Senior Vice President | Direct: (216) 570-7293 |

SAMANTHA “SAM” LEVINE | Senior Vice President | Direct: (913) 669-2785 |