Technology errors and omissions (E&O) insurance has seen some shifts in recent years, but the basics remain steady. Erin Eisenrich, vice president of technology E&O and international at Berkley Technology Underwriters, explains that while technology keeps evolving—from cloud systems to AI tools—the way insurers assess risk hasn’t changed much. The main focus is still on how a tech company’s mistake might hurt a third party financially.
What is changing, though, is the scale of risks. Because of more digital connections, tougher regulations, and more frequent cyberattacks like ransomware, insurers are paying closer attention. They now look not only at direct mistakes but also at how one error could trigger bigger failures across systems. This has become a bigger concern with technologies like embedded software and cloud computing.
Another big change is the way underwriters review how tech companies manage their own cybersecurity. Before the pandemic, the spotlight was mostly on outside risks. Now, internal security measures like multi-factor authentication (MFA) have become standard, influencing insurance pricing and availability. The industry is already moving on to the next step, focusing on tools like endpoint detection and managed response systems as new security essentials.
The line between E&O and cyber insurance is blurring too. For many tech clients, Eisenrich says these coverages are so intertwined that they often come as one combined policy. This means insurers evaluate how companies protect themselves and how those companies might impact others. It creates tricky situations for claims. For example, an IT consultant could be sued if they recommend a security vendor that fails, even if it’s not directly their fault.
Artificial intelligence adds another layer of uncertainty. AI risks are growing fast, but regulations and legal precedents are still catching up. Insurers are unsure how to cover AI-related claims or set prices. There’s also debate over whether this kind of risk belongs under directors and officers (D&O) insurance or E&O policies. Eisenrich expects the market will respond by creating blended policies to cover these AI risks more clearly.
Despite all the buzz around cyber and AI, contracts remain at the heart of E&O risk. Eisenrich points out that breaches of contract still pose the biggest threats. Insurers tend to examine contracts more closely with larger clients, watching for red flags like clauses that limit liability to insurance coverage or overly broad warranty promises that could lead to big lawsuits.
The rise in widespread tech failures is also shaking things up. Outages at companies like CrowdStrike, Salesloft, and Change Healthcare have become more common, sometimes triggered by hackers, other times by mistakes. These events can cause major disruptions and hefty claims, leading insurers to rethink how they price and manage risk. Unlike natural disasters, tech problems often come from unknown sources, which keeps insurers on their toes.
In short, while the basics of underwriting tech errors haven’t shifted much, the environment around it is changing fast. Insurers are adapting to bigger risks, more security demands, and new questions brought by AI. It’s a tricky time, but also one that’s reshaping how tech risks are insured.