Allegory is a powerful tool to explain a complex topic or summarize it, so many times I explain that Information Security should be like the atmosphere – it should be transparent (not felt, not bothering), it should prevent bad things (asteroids = malware/other attacks) from coming in, and prevent good things (like oxygen = sensitive/confidential data) from getting out.
About the ability of cyber insurers to avoid paying due to a cyberwar act claim
Following the news article from below – it is no news that insurers try to avoid paying, but their stand of not paying due to cyber war acts will not stand, in my opinion.
For a cyber act and/or malware, to be officially declared, in our digital anonymized worlds, as originated from a specific country and intended to be an act of war – I guess only other governments or unions of governments (e.g. UN, NATO) can declare that, and such declaration may have severe consequences, like… ahhmmm… starting a war… – so the insurers’ ability to avoid paying for this reason, is, I think, close to zero (although it may be a true fact in reality and they may be right in their claim, but they won’t be able to prove it)
“Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition Unresolved“