10 Tips To Maximize Cyber Insurance Recovery

Originally published in the Sept/Oct 2014 issue of Anderson Kill's Policyholder Advisor newsletter

Businesses face two enormous challenges when seeking to contain cyber risks and maximize cyber insurance recovery. First, the risks are by their very nature ever-evolving and thus difficult to stay abreast of, let alone contain. Second, the insurance marketplace is in flux and fragmented. Below are 10 tips for maximizing cyber insurance recovery.

  1. Make sure your insurance matches the way you conduct online business and process data.

    For example, there are insurance coverage implications if you use cloud computing or other vendors for hosting and processing data. Many cyber-risk insurance policies available today can be tailored to reflect the fact that the policyholder may delegate to third-party data management and hosting.

  2. Do not rule out coverage for a claim under traditional business policies.

    If a cyber loss occurs, consider D&O, E&O, crime and general liability insurance coverage depending on the claim against your company or the form of loss. We have had success in winning coverage for our clients for cyber-related losses under traditional coverage.

  3. Avoid cyber insurance policy terms that condition coverage on the policyholder having employed "reasonable" data security measures.

    These clauses are so vague and subjective that they are bound to lead to coverage fights. Further, given the lightning speed of technological innovation and amorphous nature of cyber risks, a cyber security practice that was reasonable just months ago may look reckless with the benefit of hindsight.

  4. If you possess or process consumer or business credit card information, make sure that you have coverage for fraudulent card charges and credit card brand assessments and fines - these can be large exposures when there is a significant data breach.

  5. If you do business with individual consumers and obtain their personal identifying information, make sure you have coverage (including attorneys' fee coverage) for the inevitable expenses of responding to informal inquiries and formal proceedings that ensue from state attorneys general, the Federal Trade Commission and others when a breach occurs (often implicating residents of several states).

  6. Make sure that your insurance covers breaches arising from mobile devices that may or may not be connected to the company's computer network.

    More and more employees can access systems through tablets, smartphones, and...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT