One of the areas of significant concern in the global insurance underwriting community is the potential exposures insurers face from “silent cyber” – that is, the coverage of cybersecurity-related losses under traditional insurance policies that are not expressly designed to cover cyber losses. In a recent ruling in an insurance coverage dispute in which a small business sought insurance coverage for its losses following a ransomware attack, a Maryland federal court judge, applying Maryland law, held that the company’s business owner’s policy (BOP) covered the damages the company incurred.   The ruling highlights the potential coverage available for companies experiencing cyber-security losses under their traditional insurance policies. As discussed below, there are a number of interesting features to this ruling.
Continue Reading Court Holds Business Owner’s Policy Covers Ransomware Caused Losses

John Reed Stark

In the following guest post, John Reed Stark takes a look at the troubling rise of ransomware attacks, and the disturbing relationship between ransomware attacks and bitcoin. John is the President of John Reed Stark Consulting and former Chief of the SEC’s Office of Internet Enforcement. I would like to thank John for allowing me to publish his article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is John’s article.
Continue Reading Guest Post: Ransomware’s Year-End Thank You Note to Bitcoin

John Reed Stark

As cybersecurity has become an increasingly important consideration for all corporate operations, one of the most pernicious problems has been the rise of so-called “ransomware” attacks – that is, systems breaches in which hackers take control of corporate networks and demand ransom payments as a condition of unlocking the systems. In the following guest post, John Reed Stark, President of John Reed Stark Consulting and former Chief of the SEC’s Office of Internet Enforcement, takes a look at the ransomware phenomenon, how companies are responding, and why. A version of this article previously was published on Securities Docket. I would like to thank John for allowing me to publish his article as a guest post. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is John’s article.
Continue Reading Guest Post: Ransomeware’s Dirty Little Secret: Most Corporate Victims Pay