No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home GRC Vendor News

Beware Of Cyber Insurance Policy Gaps

by Corporate Compliance Insights
April 19, 2016
in GRC Vendor News
Beware Of Cyber Insurance Policy Gaps

Misunderstandings over policy language can leave businesses unprotected, LeClair Ryan attorney Richard Caplan warns

Atlanta, GA (4/19/16) – An “alarmingly regular” series of data breaches and other digital attacks against major retailers and other organizations has set off a stampede for cyber insurance, according to Richard Caplan, a litigation associate in national law firm LeClairRyan’s Atlanta office. Purchases of such policies—which buttress traditional crime and general liability coverage—are expected to triple to $7.5 billion by 2020.

“But even if you purchase a cyber-specific insurance policy, disputes over coverage may still arise,” Caplan warns in a recent blog post at Information Counts, which focuses on privacy, data security, information technology, e-commerce and other digital issues. Some recent court rulings illustrate the challenges businesses face when they try to guard themselves against liability, where decisions can hinge on the meaning of certain key words and phrases in a policy.

For example, following the 2011 Sony PlayStation data breach—where sensitive personal data for some 100 million customers was exposed by hackers—a Supreme Court of New York judge ruled that the insurer had no duty to defend or indemnify the electronics company under its Crime and General Liability policy. While the case was on appeal, Sony and its insurer reached a settlement.

“The insurance company argued its policy ‘was never intended to cover cyber losses,'” Caplan writes in the blog, Cyber Insurance: Make Sure You Understand Your Coverage. “But even if you purchase a cyber-specific insurance policy, disputes over coverage may still arise.”

He also cites a case involving Federal Recovery Services, which allegedly mishandled data from a company that operated fitness centers in several states. Federal had a cyber policy, but the United States District Court in Utah determined the insurance company was not obligated to defend Federal under the policy terms.

“This case illustrates two conflicting issues floating around in the world of cyber insurance,” Caplan explains. “First, that whether an insured is actually covered is not always so clear; and, second, that courts may be requiring a heightened standard of care for insurers to diligently investigate a cyber-related claim.”

Companies considering cyber insurance should start with the basics common to any kind of policy, he advises: “Do you need it, what risks should be covered – first-party remediation, third-party claims or both – and how much is enough.”

Other cyber-specific issues include whether the carrier or the insured will choose a forensics expert in the event of a breach or whether the carrier will impose underwriting conditions like data encryption and periodic audits or penetration tests. Also, “What key data are you trying to protect, how it is currently secured and what is the risk of third-party claims or litigation if it is compromised?” Caplan notes. “Many companies think their GCL or Errors & Omissions policies cover certain cyber risks, when in reality those risks may be specifically excluded.”

Additionally, many companies that have already purchased cyber insurance mistakenly think it covers all first-party costs in the event of an incident – like investigation, notification and credit monitoring – when it actually only covers third-party claims or lawsuits.

“If your cyber coverage only kicks in when a third party makes a claim, then practically speaking, you may not have any coverage at all,” he warns. “For now, perhaps the most important thing to do is make sure you do not fall into the category of someone who thinks they are covered when they are not. Also review the language and scope of your coverage on a periodic basis, speak with counsel about developing law in this rapidly evolving area and monitor the way insurance companies are modifying their terms and contracts in response to recent legal and other developments.”

To read the full blog post, visit http://informationcounts.com/understanding-cyber-insurance-coverage/

About LeClairRyan

As a trusted advisor, LeClairRyan provides business counsel and client representation in corporate law and litigation. In this role, the firm applies its knowledge, insight and skill to help clients achieve their business objectives while managing and minimizing their legal risks, difficulties and expenses. With offices in California, Colorado, Connecticut, Delaware, Georgia, Maryland, Massachusetts, Michigan, Nevada, New Jersey, New York, Pennsylvania, Texas, Virginia and Washington, D.C., the firm has approximately 390 attorneys representing a wide variety of clients throughout the nation.  For more information about LeClairRyan, visit www.leclairryan.com.


Previous Post

Internal Controls Enforcement: Hoisting Yourself on Your Own Petard

Next Post

EY Publishes Global Fraud Survey

Corporate Compliance Insights

Corporate Compliance Insights

Corporate Compliance Insights

Related Posts

parliament

Coming Soon to the UK: Sweeping Corporate Criminal Liability Reforms?

by Peters and Peters
March 28, 2023

UK legislators have proposed major amendments to the Economic Crime and Corporate Transparency Bill currently passing through Parliament. If adopted,...

wind turbines

What Companies Around the Globe Need to Know About EU Sustainability Reporting

by John Peiserich
March 28, 2023

By the beginning of next year, large companies in the EU or that do a substantive amount of business in...

amsterdam

At a Gathering of Compliance Practitioners, No Shortage of Food for Thought

by Mary Shirley
March 28, 2023

Last week, about 300 ethics and compliance professionals descended upon Amsterdam’s Hotel Okura to participate in SCCE’s European Compliance &...

documents

Meeting Accounting Standards in an Uncertain Economy

by Tom Zauli
March 28, 2023

After a Covid-related grace period, new contract accounting standards — ASC 606 — are in effect for both public and...

Next Post
EY Publishes Global Fraud Survey

EY Publishes Global Fraud Survey

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT