As we welcome in 2016, awareness of the variety of information-related risks confronting today’s enterprises, and the availability of insurance covering those risks, is at an all time high. High profile data breaches caused by negligent or non-compliant employees and hackers, ransomware attacks, and social engineering scams have motivated many companies to transfer some of their cyber risks with cyber insurance. But companies that also take steps to better manage their information assets not only improve their cyber risk profile; they also put themselves in better position to secure more favorable cyber insurance coverage terms and rates. [Read more…]
In his article in last month’s issue of MCC, “Learning to Live with Imperfect Security,” my partner Ted Kobus, co-leader of BakerHostetler’s Privacy and Data Protection team, noted that when it comes to data security, being “compromise ready” may be a company’s best defense. Becoming compromise ready in the context of cybersecurity requires focusing on a variety of issues, including network security, employee training, and mobile device management, among other things. Unfortunately, many companies overlook cyberinsurance when they are developing their cybersecurity plan. Although it is no substitute for appropriate security policies and practices, cyberinsurance that is appropriately tailored to a company’s unique risk profile can be a key component of a cybersecurity defense plan. [Read more…]
Although many people think of cyber insurance when confronted with a data breach, cyber insurance may not be quite so top of mind in the context of corporate mergers and acquisitions. Cyber insurance should be, because policies typically contain provisions that are directly affected by such transactions. Enterprises should take a close look at their cyber insurance policy provisions early on in the deal-making process so that coverage for the affected enterprises can be maximized.
The focus on cyber should be especially acute now, both because M&A activity continues to rise and because the importance of cyber coverage is surging on the heels of recent, headline-making data breaches. [Read more…]
Earlier this month, the Department of Justice announced the indictment of 13 individuals associated with the hacker organization Anonymous for a widespread scheme to disrupt and shut down commercial and government websites. Using cybercrime techniques known as Distributed Denials of Service (DDoS) attacks, the hackers “executed a coordinated series of cyber-attacks against victim websites by flooding those websites with a huge volume of irrelevant Internet traffic with the intent to make the resources on the websites unavailable to customers and users of those websites.” Targets of these disruptive attacks included the U.S. Copyright Office, the British Intellectual Property Office, financial institutions, credit card operators, the Motion Picture Association of America and music companies. [Read more…]