Tag Archives: Cyber Attack

Cyber insurance claims: Minimize risk, maximize recovery

Cybercrime, including ransomware, is one of the top challenges facing organizations today. Businesses across the globe are suffering staggering cyber-related losses, losing around $60 billion on cyber crime annually. We are excited to launch our thought leadership campaign, “Cyber Insurance claims: Minimize risk, maximize recovery,” which provides a comprehensive look into the key issues relating … Continue Reading

Responding to a cyber-related business interruption: best practices

By Brian Himmel and Andy Moss on 2 March 2022 Posted in Business interruption, Cyberliability, Insurance Coverage, Insurance General

One of the top issues facing business today is the risk of business interruption resulting from a cyber-related attack. Regardless of the form of attack – ransomware, denial of service, data theft, or other form of malware – any resulting failure of an organization’s network systems can have severe consequences, financial and otherwise. These may … Continue Reading

Lessons from Merck v. Ace: A cyberattack does not amount to an ‘act of war’

By David Cummings and Andy Moss on 11 February 2022 Posted in Cyberliability, Insurance Coverage, Insurance General

Cyberattacks continue to grow in sophistication and frequency, with attackers targeting businesses of all industries and sizes with seeming impunity. In the wake of this ongoing pervasive and indiscriminate threat, corporate risk departments are taking measures to assess cyber risks and update network security and protocol in hopes of staying one step ahead of potential … Continue Reading

Will it Cost More To Protect Your Company and Board from Cyber Attacks?

By Whitney Ross, Douglas C. Rawles and Matthew J. Schlesinger on 14 October 2015 Posted in Cyberliability

Businesses may find it more challenging to purchase or renew cyber liability insurance coverage, according to recent articles by Advisen¹, Reuters, and follow-up communications with Robert Parisi, managing director and National Cyber Risk Product Leader at Marsh. Brokers are warning that policyholders should expect sharp increases in premiums and deductibles, coupled with declining limits. Although cyber insurance … Continue Reading

Data Breaches Are Not Academic: Colleges and Universities Should Take Appropriate Steps To Avoid or at Least Minimize Their Exposure

By David E. Weiss, Cristina Shea and Matt Rosso on 12 October 2015 Posted in Cyberliability

Data breaches at colleges and universities are on the rise. These institutions are targets because their networks have access to a large amount of private information, including educational and medical records, as well as employees’ personal data. But in other instances, their systems are being attacked for malicious sport. In a recent Client Alert members … Continue Reading

United States Department of Justice Announces “Best Practices” for Addressing Cyber Attacks

By Melissa Meth on 7 May 2015 Posted in Cyberliability, Insurance Coverage, Insurance General

In light of the growing concern over cybersecurity, the United Stated Department of Justice (“DOJ”) issued guidance last week on how to prepare for and respond to cyber attacks. Taking lessons learned by federal prosecutors while handling cyber investigations, and input from private sector companies that have managed cyber incidents, the guidance contains a step-by-step guide … Continue Reading

New York Department of Financial Services Announces New Cyber Security Measures Directed at Strengthening Insurers’ Cyber Defenses

By Emily Garrison and Andy Moss on 16 February 2015 Posted in Cyberliability, Financial Insurance Coverage, Insurance Coverage

The New York Department of Financial Services (NYDFS) announced last week a series of measures it plans to take "to help strengthen cyber hacking defenses at insurers." Those measures include, among other things: regular, targeted assessments of cyber security preparedness at insurance companies; putting forward enhanced regulations requiring institutions to meet heightened standards for cyber security; and considering the ways in which NYDFS can support and encourage the development of the cyber security insurance market. The NYDFS stated that it plans to initiate these measures in the coming weeks and months.… Continue Reading

As Federal and State Agencies Warn of Increased Cyber Threats, Insurance Incentives for Compliance with NIST Cybersecurity Framework May Be on the Horizon

By Andy Moss and Emily Garrison on 10 November 2014 Posted in Cyberliability, Insurance Coverage, Insurance News of Note

Since the President's February 2013 Executive Order directing the National Institute of Standards and Technology (NIST) to lead the development of a voluntary framework to address and reduce cyber risks, the agencies and stakeholders involved have been exploring whether to tie the February 2014 Framework for Improving Critical Infrastructure Cybersecurity (the NIST Framework) to incentives such as cyberliability insurance. For example, in a Report to the President on Cybersecurity Incentives, the Treasury Department suggested that "[c]yber insurance can promote adoption of stronger security measures" because, among other reasons, "insurers could require policyholders to comply with minimum security standards as a condition of insurance coverage, including adoption of the Framework." The Treasury Department held a public meeting on November 6 that included a discussion of developments in the market for cyberliability insurance and the NIST Framework.… Continue Reading

Beware Of Gaps In Your Cyber Risk Policy – Are You Covered In the Event of an Insider Attack or Data Breach?

By Brian Himmel, Andy Moss and Robert Owen on 24 October 2014 Posted in Cyberliability, Insurance Coverage

The evolving market for cyberliability insurance coverage reveals significant differences in the scope of coverage afforded under available policies. A coverage gap that may exist under some policies is for insider cyber attacks. While external attacks receive substantial news coverage, a recent study finds that businesses may be far less equipped to stave off attacks involving insiders: employees, vendors, suppliers and others who may have authorized access to critical or sensitive data.… Continue Reading