Archives: Cyberliability

Subscribe to Cyberliability RSS Feed

Cyber insurance claims: Minimize risk, maximize recovery

Cybercrime, including ransomware, is one of the top challenges facing organizations today. Businesses across the globe are suffering staggering cyber-related losses, losing around $60 billion on cyber crime annually.   We are excited to launch our thought leadership campaign, “Cyber Insurance claims: Minimize risk, maximize recovery,” which provides a comprehensive look into the key issues relating … Continue Reading

Key questions corporate tech, legal, and security officers need to ask when considering cyber coverage

Cyber incidents and attacks, whereby hackers target companies for ransom, to obtain sensitive information, or for other reasons, are a significant and growing threat. In 2021 alone, cyber incidents caused roughly $6 trillion in losses, and the consensus is that the threat of incidents will remain strong. Corporations are increasingly seeking insurance against this risk, … Continue Reading

A tightening cyber insurance market: War exclusions in the wake of Merck v. Ace

As cyber risks continue to grow and evolve, the cyber insurance market is increasingly likely to take steps to limit its risk profile, often in the form of new or broadened policy exclusions. Cyber insurers are continuously evaluating, amending, and restructuring their insurance products (including their capacity, and, importantly, their pricing) to reflect what they … Continue Reading

Can property or specie insurance provide coverage for crypto losses?

How cryptocurrencies are viewed by courts can be determinative when seeking coverage for a cryptocurrency-related loss, and whether cryptocurrency is “money,” “securities,” or “property” has been the subject of heavy debate. In our previous blog post, we explored how your current D&O and/or cyber insurance policies may provide coverage for crypto-related losses. In this article, … Continue Reading

War exclusion: changing battlefields and coverage implications

In early February of this year, we wrote about a New Jersey court’s recent decision in Merck & Co., Inc. et al. v. Ace American Ins. Co. et al., Case No. UNN-L-2682-18 (N.J. Sup. Ct.) regarding the applicability of a “war exclusion” for acts of cyberwarfare.  Shortly thereafter, the Russian invasion of Ukraine once again … Continue Reading

Responding to a cyber-related business interruption: best practices

One of the top issues facing business today is the risk of business interruption resulting from a cyber-related attack. Regardless of the form of attack – ransomware, denial of service, data theft, or other form of malware – any resulting failure of an organization’s network systems can have severe consequences, financial and otherwise. These may … Continue Reading

The duty to defend requires an early judgment

If an insurance company owes a duty to defend, the dispute should be decided promptly, on the pleadings. Any delay undermines the duty to defend. The scope of the duty to defend should be adjudicated on the pleadings as quickly as possible to give policyholders the true value of their policies and the benefit of … Continue Reading

Lessons from Merck v. Ace: A cyberattack does not amount to an ‘act of war’

Cyberattacks continue to grow in sophistication and frequency, with attackers targeting businesses of all industries and sizes with seeming impunity. In the wake of this ongoing pervasive and indiscriminate threat, corporate risk departments are taking measures to assess cyber risks and update network security and protocol in hopes of staying one step ahead of potential … Continue Reading

Year in review: Reed Smith’s Insurance Recovery team highlights top insurance topics of 2021

At Reed Smith, we pride ourselves on forming true partnerships with our clients to find creative and unexpected solutions to the most challenging insurance coverage issues. As part of this commitment, we have authored a column for Thomson Reuters to provide advice, strategies, and information on the full range of insurance coverage issues affecting commercial … Continue Reading

Pollution exclusion should not preclude coverage for virus-related claims

Faced with mounting claims for insurance coverage as a result of the novel coronavirus (COVID-19) outbreak, commercial insurers are likely to search for any policy provision that they think will enable them to avoid paying virus-related claims.  One provision that insurers ultimately may invoke in an attempt to deny such claims is the so-called “pollution … Continue Reading

Are you covered? Cannabis industry must prepare for cyberattacks in 2020

Experian Data Breach Resolution (Experian) has identified its “top data breach trends of 2020,” and the cannabis industry should take note. In its “Data Breach Industry Forecast 2020,” Experian predicts that “we will see many burgeoning industries, such as cannabis retailers, cryptocurrency entities, and even some environmental organizations targeted for cyberattacks as a result of … Continue Reading

Artificial Intelligence: The New Frontier for Assessing Insurance Coverage

U.S. and international businesses are accelerating their use of artificial intelligence (AI)[1] at an unprecedented rate. The second AI Index Report published in December 2018 by a Stanford University-led group concluded that “AI activity is increasing nearly everywhere and technological performance is improving across the board.” The AI Index Report further found that “the number … Continue Reading

Lloyd’s of London report forecasts multibillion dollar losses due to cloud outages

On Tuesday, January 23, Lloyd’s of London and AIR Worldwide co-published a report regarding the financial fallout that could occur if a cyber incident or shutdown of a cloud computing provider happened in the United States. The report noted that losses could be around $19 billion with only about $3 billion being covered by insurance.[1]  … Continue Reading

Beware the Fine (Thumb) Print: Insurance Coverage for Class Actions Under the Illinois Biometric Information Privacy Act, and Similar Biometric Privacy Statutes

Since July 2017, national, regional and local businesses operating in Illinois have been hit with a virtual storm of class actions under the Illinois Biometrics Privacy Act (“BIPA”), 740 ILCS 14 et seq.  BIPA regulates how businesses may record and store biometric data from customers or employees, and these actions create the potential for significant … Continue Reading

Schrödinger’s Coverage: When a Risk is Covered and Not Covered by Insurance

When is a person an “employee” under one insurance policy but not an employee under another?   Conflicting or inconsistent definitions across multiple policy lines issued to the same company can give rise to significant gaps in insurance coverage, as a recent opinion of the U.S. Court of Appeals for the Seventh Circuit instructs, Telamon Corp. … Continue Reading

Massive DDoS Internet Attack Heightens the Focus on Cyberliability and Network Business Interruption Insurance Coverage

The October 21, 2016 DDoS attack on the internet’s domain name system infrastructure underscores the need to consider cyberliability insurance coverage as a critical component of your company’s security and privacy breach response plan, and if your company carries cyberliability insurance, to ensure that your coverage will respond to a network business interruption, security breach … Continue Reading

‘Sorry, But You Have Nothing in Common’: The New York Court of Appeals’ Recent Rejection of the ‘Common Interest Doctrine’ Outside the Context of Litigation

The New York Court of Appeals, the state’s highest court, recently rejected an attempt to apply the “common interest doctrine,” an exception to the general rule that communicating privileged information to a third party waives the attorney-client privilege, to situations where separately represented parties communicate attorney-client privileged information in connection with transactions or other circumstances … Continue Reading

Court Upholds Coverage Under General Liability Policy for Claim Alleging Failure to Protect Data

In an encouraging development for insureds, the United States Court of Appeals for the Fourth Circuit held that a health care company’s general liability insurer was required to defend the company against claims stemming from an alleged failure to secure electronic medical records. In The Travelers Indemnity Co. of America v. Portal Healthcare Solutions, L.L.C., … Continue Reading

Companies can insure against cyber ransom

National Public Radio and other news outlets are reporting that a Los Angeles-area hospital recently paid a $17,000 ransom (in the form of 40 bitcoins) to hackers to unencrypt its computer networks, which had been held hostage after “ransomware” was introduced into the hospital’s network. Ransomware is a form of malicious software, or “malware,” that encrypts … Continue Reading

Will it Cost More To Protect Your Company and Board from Cyber Attacks?

Businesses may find it more challenging to purchase or renew cyber liability insurance coverage, according to recent articles by Advisen¹, Reuters, and follow-up communications with Robert Parisi, managing director and National Cyber Risk Product Leader at Marsh. Brokers are warning that policyholders should expect sharp increases in premiums and deductibles, coupled with declining limits. Although cyber insurance … Continue Reading

Data Breaches Are Not Academic: Colleges and Universities Should Take Appropriate Steps To Avoid or at Least Minimize Their Exposure

Data breaches at colleges and universities are on the rise. These institutions are targets because their networks have access to a large amount of private information, including educational and medical records, as well as employees’ personal data. But in other instances, their systems are being attacked for malicious sport. In a recent Client Alert members … Continue Reading

The Vital Role of Cyber Insurance in Protecting a Team’s “Analytic Property”

Professional sports organizations are facing a new off-field risk: potential exposure of their proprietary data. In this new age of data in professional sports, teams are spending millions of dollars on sabermetrics and other data science techniques to obtain a competitive edge. But as the recent alleged breach of the Houston Astros’ computer database by … Continue Reading

United States Department of Justice Announces “Best Practices” for Addressing Cyber Attacks

In light of the growing concern over cybersecurity, the United Stated Department of Justice (“DOJ”) issued guidance last week on how to prepare for and respond to cyber attacks.  Taking lessons learned by federal prosecutors while handling cyber investigations, and input from private sector companies that have managed cyber incidents, the guidance contains a step-by-step guide … Continue Reading

New York Department of Financial Services Announces New Cyber Security Measures Directed at Strengthening Insurers’ Cyber Defenses

The New York Department of Financial Services (NYDFS) announced last week a series of measures it plans to take "to help strengthen cyber hacking defenses at insurers." Those measures include, among other things: regular, targeted assessments of cyber security preparedness at insurance companies; putting forward enhanced regulations requiring institutions to meet heightened standards for cyber security; and considering the ways in which NYDFS can support and encourage the development of the cyber security insurance market. The NYDFS stated that it plans to initiate these measures in the coming weeks and months.… Continue Reading
LexBlog