Many corporate executives generously serve as directors and officers of nonprofit organizations. While they are undoubtedly inundated with meetings and workshops focusing on corporate risk management at their day job, they may not consider potential liability arising from their philanthropic work. Just as a corporate director may face lawsuits, even those lacking merit, for allegedly breaching fiduciary obligations to shareholders, so, too, a nonprofit director may face similar allegations of wrongdoing for a broad range of activities including, for example, allegedly permitting the mismanagement of funds or approving an employee’s termination. Even if the director ultimately prevails after a trial on the merits, the nonprofit may not possess the financial means to indemnify her or his legal fees. Before any such issue threatens financial well-being, it is prudent for any individual joining a nonprofit organization to take the time to make sure the nonprofit has appropriate insurance coverage. So what is appropriate coverage?
More insurers are offering stand-alone cyberinsurance policies than ever before. At the same time, there are very few decisions by courts regarding this relatively new breed of insurance policy. Most of the decisions construing insurance coverage for cyber risks to date involve other types of insurance policies, such as commercial general liability (“CGL”) and commercial crime policies. Although such cases may not involve cyber policies per se, buyers trying to navigate the cyberinsurance market ignore them at their peril. They illustrate the types of cyber incidents that have generated insurance coverage disputes significant enough to be litigated to decision. Familiarity with such cases can help buyers select and negotiate cyber risk policies with wording aimed at minimizing such disputes and increasing the scope and certainty of the coverage available to the policyholder.
Today’s political climate is rife with reminders about the importance of data privacy and cybersecurity. According to the World Economic Forum’s 2017 Global Risks Report, the greatest technological risks facing the world include large-scale cyberattacks and massive incidents of data fraud and data theft. And it’s no secret that companies can lose millions of dollars, and the loyalty of their customers, when their data is stolen. It is thus increasingly important for companies, large and small, to obtain adequate insurance coverage to protect against these risks. But are all cyberattacks covered under your policy, and what happens if a cyberattack is considered an act of war? The answers depend, and they could make the difference in your company’s survival. Continue reading “The Art of (Cyber) War”
With information technology impacting nearly every aspect of commerce in our “wired” economy, few issues present more concern to businesses today than cybersecurity. Cyberattacks continue to proliferate at an alarming rate and the threats facing companies continue to evolve and become more sophisticated with each passing day. The legal and financial costs associated with such events also grow more serious, as legislators, regulators, and customers insist on greater protection and impose more stringent requirements. Meanwhile, insurance companies have sought to limit the coverage available under traditional insurance policies with new exclusions aimed at cyber-related risks. As a result, it has become imperative for organizations to reevaluate their cybersecurity protocols and breach response plans—and their insurance coverage assets to help offset losses and liabilities associated with such events when all other safeguards fail. Increasingly, this means that companies must consider purchasing cyber-specific coverage to insure against these emerging risks and address the potential gaps in their traditional insurance programs. Continue reading “Managing Cyber Risks: Tips for Purchasing Insurance That Works for Your Business (Part 1)”
Companies facing shareholder derivative suits should be wary of their directors’ and officers’ liability (“D&O”) insurers attempting to avoid providing coverage for settlements or judgments based on “bump-up” or “inadequate consideration” exclusions. The historic purpose of the exclusion is to prevent insureds from negotiating an unfairly-low price when purchasing another entity or completing intracompany transactions and then using insurance proceeds to supplement that price to come up with the fair market value. Continue reading “Don’t Let Your D&O Insurer “Bump” a Covered Claim”
It can be easy for insurance trial lawyers to become complacent when fighting the ancient coverage wars over asbestos and pollution related-liabilities. But good trial lawyers know how to revisit their time-tested themes with renewed energy and vigor each time. They face each trial fresh, as if it is the first time the words have been spoken, because the trial lawyer knows that for the jury, that might as well be true. The evidence and the themes will be all new. Continue reading “Trying the Environmental Coverage Case in 2017”
According to FBI data, cyber-criminals are on pace this year to collect approximately $1 billion through cyber extortion. This is a practice in which extortionists threaten to cripple a computer system or obtain and/or release confidential information unless their demands (usually for money) are satisfied. Although much of this money is coerced from individuals in increments of several hundred dollars, more and more organizations are finding themselves in cyber extortionists’ crosshairs, including documented incidents against local governments, schools, hospitals and businesses in a range of industries. As cyber extortionists increasingly target organizations rather than individuals, security professionals fear the costs of cyber extortion incidents could dramatically increase. Continue reading “The Ins and Outs of Cyber Extortion Insurance Coverage”