Joel Bruckman
Sarah Abrams

As I have noted in prior post on this site (most recently here), the prospect of out-sized liabilities under the Illinois Biometric Information Privacy Act (BIPA) is a significant concern for companies and for their insurers alike. As discussed in the following guest post from Joel Bruckman, Partner, Freeborn & Peters, LLP, and Sarah Abrams, Head of Professional Liability Claims, Bowhead Specialty Underwriters, recent BIPA-related developments further underscore these concerns and raise important insurance issues as well. I would like to thank Joel and Sarah for allowing me to publish their article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is Joel and Sarah’s article.
Continue Reading Guest Post: Runaway BIPA Recoveries Impact Company Liability and Cyber Insurance

Rachel Soich

As I have noted in prior posts on this site, cybersecurity issues can lead to D&O claims. In the following guest post, Rachel Soich, FCAS, MAAA. Consulting Actuary at Milliman, considers steps that companies can take to avoid cyber-related D&O costs. A prior version of this article previously was published in Milliman Insight. I would like to thank Rachel for allowing me to publish her article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is Rachel’s article.
Continue Reading Guest Post: Three Ways to Avoid Cyber-Related D&O Costs

The business pages have been full in recent months with tales of cyber extortion and ransomware. In an effort to try to explain these developments, some commentators have suggested that the availability of ransomware coverage under cyber insurance is a cause of the problem. In the following guest post, Paul Ferrillo takes on the question of the role of cyber insurance availability in the proliferation of ransomware incidents. Paul is a partner in the securities litigation group at the Seyfarth Shaw law firm. I would like to thank Paul for allowing me to publish his article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is Paul’s article.
Continue Reading Cybersecurity Insurance Did NOT Cause the Ransomware Plague

Paul A. Ferrillo

As I noted in a prior post, the recent state-sponsored cyber incident carried out through an attack on SolarWinds has a number of important implications. As noted in the following guest post from Paul Ferrillo, the incident could also have important implications for the cyber insurance marketplace. Paul is a partner in the McDermott, Will & Emery law firm. I would like to thank Paul for allowing me to publish this article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is Paul’s article.
Continue Reading Guest Post: SolarWinds – Einstein Failed Us, and the Cyber Insurance Markets will Feel the Squeeze

Paul Ferrillo

In the following guest, Paul Ferrillo takes a look at the current deteriorating cyber insurance claims environment and offers his views on the likely impact of the claims developments on the market for cyber insurance in 2021. Paul is a partner in the McDermott, Will & Emery law firm. My thanks to Paul for allowing me to publish his article as a guest post on this site. I welcome guest posts from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is Paul’s article.
Continue Reading Guest Post: Be Prepared: Costly Cyber Claims Could Lead to Higher Premiums in 2021

Paul Ferrillo

In the following guest post, Paul Ferrillo provides a primer for the purchase of cybersecurity insurance. Paul is a partner in the McDermott, Will & Emery law firm. My thanks to Paul for allowing me to publish his article as a guest post on this site. I welcome guest posts from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is Paul’s article.
Continue Reading Guest Post: The Basics and Essentials of Purchasing Cybersecurity Insurance

Many of you probably saw the news this past week that Target has filed a lawsuit against one of its insurers over losses the company sustained in connection with the company’s 2014 data breach. The Target lawsuit is the latest in a series of high profile insurance battles in which companies are seeking to recoup losses resulting from cybersecurity incidents. However, as my friend, colleague, and Cyber insurance maven Mickey Estey pointed out to me, in its lawsuit Target is in fact not seeking to recover its claimed losses under a cyber insurance policy; rather, in its latest lawsuit, Target is seeking to recover for certain of its losses under its general liability policy. The Target lawsuit is only the latest in a series of high-profile insurance disputes in which companies that have sustained losses from a cybersecurity event are seeking coverage under a variety of different types of policies.
Continue Reading Seeking Insurance for Cybersecurity-Related Losses

One of the more challenging issues businesses must confront as wrongdoers have turned Internet tools into criminal devices has been the rising threat of payment instruction fraud, or, as it is sometimes called, social engineering fraud. Along with these crimes have come vexing questions of insurance coverage for the ensuing losses. Courts have struggled to determine whether or not payment instruction fraud losses are covered under Crime policies. A recent case in the Southern District of New York raises the question whether a payment instruction fraud loss is covered not under a Crime policy but rather under insurance policy containing both E&O and Cyber coverages.
Continue Reading Insurer’s Bid to Dismiss Complaint Seeking Coverage for Payment Instruction Loss Denied

When the European Union’s updated General Data Protection Regulation (GDPR) went into effect on May 25, 2018, media reports focused on the potentially massive fines that the regulation authorizes – the regulation authorizes fines of up to €20 million or 4 percent of a company’s annual worldwide revenue, whichever is higher, for noncompliance with the regulation’s strict data collection and use requirements. The possibility of regulatory fines of this magnitude immediately raised the question of whether or not insurance is available to protect companies against the huge financial exposure. The answer to this question, it turns out, is complicated.
Continue Reading Are GDPR Fines and Penalties Insurable?