Business Interruption in Today’s Technological World – Time to Rethink?

Usually, discussions around business interruption (BI) are in the context of property damage, for example, a fire or flood. However, in today’s environment, with significant dependence on technology across the retail, food and beverage industries, events which don’t damage property can still severely disrupt your clients’ operations and are often underestimated. For example, what would happen if a cyber-attack led to the shutdown of a client’s web shop, automated distribution centre, or disrupted a its supply chain systems?


There’s no escaping the fact that new technologies are reshaping almost every industry.  Meanwhile, legacy retail management software and systems are struggling under the strain of multi-channel expansion plans, while in the food manufacturing industry profit margin battles and new product demands are creating extra pressure to implement new technologies for increased efficiency.

In short, changes in the use of technology will result in a rethinking of business models and profound changes to firms’ risk profiles.


While most businesses will have assessed the potential maximum loss of revenue following a property damage event, many may not have quantified the revenue they would lose if their systems were hacked or taken offline for a significant period of time. Whether the trigger is at a business’s own location or at a customer or supplier location, these risks demand a new approach.

So, how should your clients prepare?  Essentially, it’s a three step process:

  1. ASSESS: Cyber risk should be defined, and clients should identify and develop loss scenarios arising from cyber events. Maximum losses for non-damage business interruption, data breach, data deletion/corruption, and system outage should also be quantified, alongside a thorough review of cyber risk management.
  1. MITIGATE: Mitigation measures might include changing business and IT processes to improve resilience, enhancing restoration capabilities, or strengthening technical cyber-security controls and contractual risk management.
  1. TREAT: Customised insurance can be considered where identified risks exceed acceptable levels. Coverage is available for first and third party risks including non-damage business interruption.

Assessing and treating today’s new technology-driven business interruption risks is a major opportunity and an essential activity to build resiliency into your clients’ businesses. 


David Tate

Retail, Food & Beverage Practice Leader, Marsh UK & Ireland

Marsh ProBroker’s parent company