Omid Safa, James S. Carter, and Jared Zola
This blog post is Part Two of our blog series and highlights several strategies for maximizing the value of a cyber insurance purchase. Part One of the blog series, highlighted the need for an organization to reevaluate its insurance coverage as part of a comprehensive strategy for addressing emerging cyber risks and outlined several ‘‘big picture’’ considerations relevant to any organization contemplating a cyber insurance purchase. This second part focuses on several strategies to consider when negotiating a cyber insurance purchase and seeking to customize a policy to align with an organization’s particular business needs. Continue reading “Managing Cyber Risks: Tips for Purchasing Insurance That Works for Your Business (Part 2)”
Kevin R. Doherty
Today’s political climate is rife with reminders about the importance of data privacy and cybersecurity. According to the World Economic Forum’s 2017 Global Risks Report, the greatest technological risks facing the world include large-scale cyberattacks and massive incidents of data fraud and data theft. And it’s no secret that companies can lose millions of dollars, and the loyalty of their customers, when their data is stolen. It is thus increasingly important for companies, large and small, to obtain adequate insurance coverage to protect against these risks. But are all cyberattacks covered under your policy, and what happens if a cyberattack is considered an act of war? The answers depend, and they could make the difference in your company’s survival. Continue reading “The Art of (Cyber) War”
Omid Safa, James S. Carter, and Jared Zola
With information technology impacting nearly every aspect of commerce in our “wired” economy, few issues present more concern to businesses today than cybersecurity. Cyberattacks continue to proliferate at an alarming rate and the threats facing companies continue to evolve and become more sophisticated with each passing day. The legal and financial costs associated with such events also grow more serious, as legislators, regulators, and customers insist on greater protection and impose more stringent requirements. Meanwhile, insurance companies have sought to limit the coverage available under traditional insurance policies with new exclusions aimed at cyber-related risks. As a result, it has become imperative for organizations to reevaluate their cybersecurity protocols and breach response plans—and their insurance coverage assets to help offset losses and liabilities associated with such events when all other safeguards fail. Increasingly, this means that companies must consider purchasing cyber-specific coverage to insure against these emerging risks and address the potential gaps in their traditional insurance programs. Continue reading “Managing Cyber Risks: Tips for Purchasing Insurance That Works for Your Business (Part 1)”
James S. Carter
Many companies rely on indemnification and additional insured provisions in their contracts for protection against losses arising from a contractual relationship. Indemnification provisions insulate the company from certain losses by requiring the other party to assume and to indemnify it against those losses. Additional insured provisions add another layer of protection by requiring the other party to arrange for the company to become an insured under the other party’s insurance policies. Ideally, indemnification provisions and additional insured coverage should work together when losses occur to furnish the level of protection the company expected when it entered into the contract.
Unless company representatives read the insurance policy that provides the additional insured coverage, however, they may have little idea how the additional insured coverage works. A recent decision by the Supreme Court of Texas arising out of the Deepwater Horizon oil spill incident illustrates how the interplay between additional insured coverage and wording in an underlying contract can operate to frustrate an additional insured’s expectations of coverage. Continue reading “How to Make Sure the Indemnification and Additional Insured Provisions in Your Next Contract Deliver the Protection Your Company Expects”
Erin L. Webb
More information has come to light about the data breach affecting Target, and it highlights the importance of “additional insured” coverage, as well as the need for companies to recognize that sophisticated cyberattacks can affect any company, not just those in the computer or technology industries. Blogger Brian Krebs reports that the theft of credentials from a heating and cooling (HVAC) company may be linked to the Target breach.
How could it happen? No details have yet been publicly confirmed, but it is possible that the HVAC company had access to Target’s network so that it could remotely monitor heating and cooling efficiency at multiple Target locations. If Target’s electronic systems were linked – if one was accessible via another – a path for a hacker from HVAC information to credit card processing may have been possible. Continue reading “Target Data Breach Part 2: The Additional Insured”