Amy J. Spencer
In Part I of this two-part series, I identified first-party and third-party insurance claims that could result from a cyber event or attack on the Smart Grid. In this part, I examine how insurance policy language governs resolution of these claims and how to minimize gaps in coverage.
Examine Your Insurance Policies
Traditionally, third-party losses are covered by a company’s commercial general liability (“CGL”) policy. To qualify for coverage under a CGL policy, the policyholder typically must be confronted with a claim for “bodily injury” to another person or “physical injury to tangible property” (collectively known as “Coverage A”), or with a claim for “personal and advertising injury” (injury arising out of certain enumerated offenses such as malicious prosecution or invasion of privacy) (“Coverage B”). Various disputes have arisen as to whether cyber-related losses fit within these coverages. Continue reading “Be Smart about Insurance for the Smart Grid: Coverage for Losses from Cyber Events—Part II”
Amy J. Spencer
In this part of our two-part series, I identify the types and breadth of insurance claims that can result from a cyber breach or cyberattack on technologies deployed in the Smart Grid industry. These claims can affect a full range of entities and individuals, including electric utilities implementing Smart Grid technology, energy consumers, Smart Grid technology suppliers, and their individual officers and directors. Continue reading “Be Smart about Insurance for the Smart Grid: Coverage for Losses from Cyber Events—Part I”
James Carter, Omid Safa, and Jared Zola
At the beginning of 2017, many publications predicted that ransomware would be one of the most significant cyber threats of the year. The year is not even half over and that prediction appears to be coming true.
On Friday, May 12, 2017, tens of thousands of organizations and companies across the world fell victim to a virulent form of ransomware known as “WannaCry.” The global event has been recognized as one of the largest cyberattacks ever. Continue reading “Ransomware and Cyberinsurance”
Omid Safa, James S. Carter, and Jared Zola
This blog post is Part Two of our blog series and highlights several strategies for maximizing the value of a cyber insurance purchase. Part One of the blog series, highlighted the need for an organization to reevaluate its insurance coverage as part of a comprehensive strategy for addressing emerging cyber risks and outlined several ‘‘big picture’’ considerations relevant to any organization contemplating a cyber insurance purchase. This second part focuses on several strategies to consider when negotiating a cyber insurance purchase and seeking to customize a policy to align with an organization’s particular business needs. Continue reading “Managing Cyber Risks: Tips for Purchasing Insurance That Works for Your Business (Part 2)”
James S. Carter, Omid Safa, and Jared Zola
More insurers are offering stand-alone cyberinsurance policies than ever before. At the same time, there are very few decisions by courts regarding this relatively new breed of insurance policy. Most of the decisions construing insurance coverage for cyber risks to date involve other types of insurance policies, such as commercial general liability (“CGL”) and commercial crime policies. Although such cases may not involve cyber policies per se, buyers trying to navigate the cyberinsurance market ignore them at their peril. They illustrate the types of cyber incidents that have generated insurance coverage disputes significant enough to be litigated to decision. Familiarity with such cases can help buyers select and negotiate cyber risk policies with wording aimed at minimizing such disputes and increasing the scope and certainty of the coverage available to the policyholder.
Continue reading “Cyberinsurance Buyers Beware! Is the Past Prologue?”
Kevin R. Doherty
Today’s political climate is rife with reminders about the importance of data privacy and cybersecurity. According to the World Economic Forum’s 2017 Global Risks Report, the greatest technological risks facing the world include large-scale cyberattacks and massive incidents of data fraud and data theft. And it’s no secret that companies can lose millions of dollars, and the loyalty of their customers, when their data is stolen. It is thus increasingly important for companies, large and small, to obtain adequate insurance coverage to protect against these risks. But are all cyberattacks covered under your policy, and what happens if a cyberattack is considered an act of war? The answers depend, and they could make the difference in your company’s survival. Continue reading “The Art of (Cyber) War”
Omid Safa, James S. Carter, and Jared Zola
With information technology impacting nearly every aspect of commerce in our “wired” economy, few issues present more concern to businesses today than cybersecurity. Cyberattacks continue to proliferate at an alarming rate and the threats facing companies continue to evolve and become more sophisticated with each passing day. The legal and financial costs associated with such events also grow more serious, as legislators, regulators, and customers insist on greater protection and impose more stringent requirements. Meanwhile, insurance companies have sought to limit the coverage available under traditional insurance policies with new exclusions aimed at cyber-related risks. As a result, it has become imperative for organizations to reevaluate their cybersecurity protocols and breach response plans—and their insurance coverage assets to help offset losses and liabilities associated with such events when all other safeguards fail. Increasingly, this means that companies must consider purchasing cyber-specific coverage to insure against these emerging risks and address the potential gaps in their traditional insurance programs. Continue reading “Managing Cyber Risks: Tips for Purchasing Insurance That Works for Your Business (Part 1)”