Bloomberg BNA Corporate Accountability Report Guest Article: A Policyholder’s Guide to Insurance Coverage for ‘‘Cyber’’ Events (Part I)


The threats facing U.S. companies from cyber attacks are myriad. Third-party claims by customers or employees for damages resulting from the disclosure of personally identifiable information or lack of access,loss of valuable trade secrets or other intellectual property of the insured or others, interruption of business operations, credit monitoring expense, damaged reputations, privacy notification, regulatory investigations, follow-on fiduciary and shareholder derivative litigation, and data loss are only a few of the risks to which businesses (and any other organization possessing material amounts of data) are exposed. The financial stakes associated with any one of these risks are staggering.

When it comes to insurance coverage, the potential‘‘cyber’’ solutions now available in the market can seem equally vast and daunting. Within the past few years,most major insurance carriers have unveiled new or revised policy forms specifically designed to protect against the burgeoning threat of cyber attacks and related liability and other risks. While ‘‘liability’’ is invariablyincluded in the titles of most ‘‘cyber,’’ ‘‘infor-mation security,’’ ‘‘network,’’ or ‘‘privacy’’ forms, such policies also typically include what are traditionally thought of as first-party coverages from privacy notification coverage, crisis management, extortion, and vandalism coverage to data loss, business interruption, and extra expense. Still other policies may contain quasifidelity coverages protecting against loss resulting from computer fraud and funds transfer fraud. Even with respect to third-party liability risk, the terms and the resulting scope of coverage may vary widely from one policy form to the next. Alternatively, corporate insureds may address so-called ‘‘cyber’’ risks with customized ‘‘riders’’ and ‘‘endorsements’’ to traditional liability, property and fidelity policies.

With so many distinct choices for addressing such an important risk, it is critically important for corporate policyholders both to understand the potential issues that may arise from different ‘‘cyber’’ policy terms and select and negotiate the coverage that is most appropriate and most likely to avoid a dispute in the event of a claim. What follows is a list of key policy terms and the material considerations for each when negotiating dedicated ‘‘cyber’’ coverage.

Excerpted from Bloomberg BNA Corporate Accountability Report, August 9, 2013. To view full article, click on the PDF linked below.

PDF - A Policyholder’s Guide to Insurance Coverage for ‘‘Cyber’’ Events (Part I)


Email Disclaimer