Cyber-Risk Insurance Update
In their Corporate Insurance Law column, Howard B. Epstein and Theodore A. Keyes write: Over the last few years, cyber-risk insurance products have evolved so that coverage is now available for cyber-risk exposures related to third-party claims as well as for first-party loss. In addition, some policies provide insureds with access to help responding to a data breach crisis or assistance with preventative risk management and loss-control activities.
July 24, 2015 at 05:39 PM
11 minute read
What do the U.S. Office of Personnel Management, Target, Anthem, Sony, P.F. Chang's and the State Department have in common? It's an easy question, if you have been paying attention. In recent months, each has been the subject of a cybersecurity attack or data breach.
We first covered the topic of cyber-risk insurance in a column published here two years ago.1 At the time, we wrote that news stories reporting the latest theft of credit card data, Social Security numbers and ATM codes had become more prevalent. Since then, however, the rate of data breaches and related disclosures has only increased and the organizations identified above, unfortunately, represent merely a few high-profile examples culled from an ever-growing list. In fact, if recent news reports are correct, we may soon be adding the Houston Astros to the list.
Cyber-risk concerns initially appeared to be primarily confined to retailers, banks, credit card companies and other businesses that maintain large volumes of personally identifiable information (PII). Today, the risks are even more widespread. Companies that maintain PII or other sensitive records on a network or that conduct business online have addressed (or should address) these risks through privacy policies, employee training, incident response plans, contractual protections with vendors, and network security technology. Given the ever-increasing sophistication of hackers, however, it is unlikely that such policies, procedures, and contractual provisions will be sufficient to entirely eliminate the risk of a data breach. Consequently, companies should also consider whether cyber-risk insurance should be part of their risk management approach.
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllLack of Agreement on 'Implicit' Settlement Term Insufficient to Preclude Enforcement
7 minute read'Nothing Routine' About Eric Adams Bribery, Prosecutors Tell Judge in Defending Charge
NY Lateral Partner Moves Spike, Especially in PE and Funds Practices
NYC Judge Holds Immigration Restriction Group in Contempt for Inadequate Response to AG Subpoena
Trending Stories
- 1The Law Firm Disrupted: Playing the Talent Game to Win
- 2A&O Shearman Adopts 3-Level Lockstep Pay Model Amid Shift to All-Equity Partnership
- 3Preparing Your Law Firm for 2025: Smart Ways to Embrace AI & Other Technologies
- 4BD Settles Thousands of Bard Hernia Mesh Lawsuits
- 5A RICO Surge Is Underway: Here's How the Allstate Push Might Play Out
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250