Duped Into Wiring $5 Million? Cyber Insurance Could Cover It
In their Privacy Matters column, Richard Raysman and Peter Brown write: Courts have begun to encounter a growing number of disputes over cyber insurance coverage, mostly relating to the scope of coverage, not to its existence. One recent example is the Southern District of New York's decision in 'Medidata Solutions v. Federal Insurance Co.'
August 07, 2017 at 02:02 PM
7 minute read
For businesses both large and small, cybersecurity threats continue to proliferate, to the point where being the victim of a cyberattack seems almost inevitable. According to a recent study, cybercrime cost the global economy $454 billion in 2016. As such, cyber insurance policies have become an increasingly popular method of mitigating the resulting losses, which can encompass both financial and reputational harm. For example, insurers have reported a “rapid rise” in cyber insurance policies following the June 2017 “Wannacry” ransomware attack. Even the government is getting involved, as on July 26 of this year, the House of Representatives convened a hearing titled “Protecting Small Business from Cyber Attacks: the Cybersecurity Insurance Option.”
The cyber insurance market is projected to grow from $1 billion in 2015 to over $7 billion in the next five to 10 years, depending on the source of the projection. According to a recent survey, 70 percent of businesses now offload the risk of a cyber-attack to a third-party insurance company. Given recent trends, this estimate is unsurprising. Insurers have taken note: In the early 2000s, fewer than a dozen offered cyber insurance coverage, whereas more than 70 do as of 2016.
Courts have begun to encounter a growing number of disputes over cyber insurance coverage, mostly relating to the scope of coverage, not to its existence. One recent example is the Southern District of New York's decision in Medidata Solutions v. Federal Insurance Co., No. 15-cv-907 (ALC) (S.D.N.Y. July 21, 2017). As discussed in this column, the Medidata court confronted myriad issues, including: (1) whether the insured was covered based on unauthorized access to (not use of) its computer systems; and (2) if there existed a sufficient connection between employee communications with a thief posing as the company's president and the resulting fraudulent wire transfer of nearly $5 million.
Background
In 2014, Medidata Solutions, a cloud computing service provider, informed its finance department of near-term business plans, including a potential acquisition. Medidata also instructed its finance team to “be prepared to assist with significant transactions on an urgent basis.”
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllThe Challenge of AI Governance: The Blessing and the Curse of Safeguarding Personal Data
13 minute readEstablishing New Test for Cost-Shifting, Court Allocates Costs for Data Security in Discovery
9 minute readIs Invasion of Privacy an Appropriate Analogue for Data Breach Cases?
8 minute readTrending Stories
- 1The Law Firm Disrupted: Playing the Talent Game to Win
- 2A&O Shearman Adopts 3-Level Lockstep Pay Model Amid Shift to All-Equity Partnership
- 3Preparing Your Law Firm for 2025: Smart Ways to Embrace AI & Other Technologies
- 4BD Settles Thousands of Bard Hernia Mesh Lawsuits
- 5A RICO Surge Is Underway: Here's How the Allstate Push Might Play Out
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250