Brokers around the globe are proselytizing about insurance for cyber risks. They say gaps in typical business coverages leave companies exposed to high costs and potentially extraordinary liability without coverage specifically tailored to cyber risks (including, but not necessarily limited to, data breach). And these brokers are right. The brokers, however, are sometimes wrong in encouraging their clients to opt into cyber coverage policies that are far less than ideal.

Recently, a client asked me to review various cyber coverage options presented to it by its broker. The broker had told the client that the cheapest option was, fortunately from the broker’s perspective, the best option. But as I reviewed the various cyber coverage forms, I was reminded that you often get what you pay for.
Continue Reading Holy Cr*p! I Have an Insurance Gap for My Cyber Attack?

President Obama signed an executive order enabling the administration to mete out harsh penalties against foreigners who perpetuate malicious cyberattacks that significantly threaten the national security, foreign policy, economic health or financial stability of the United States.

After a marked increase in the frequency and sophistication of high-profile foreign cyberattacks targeting U.S. businesses, companies have requested the U.S. government to strengthen its deterrents for cyberattacks, especially for those that are state-sponsored.  The order expands the set of tools available to the government by declaring “significant malicious cyber-enabled activities” a “national emergency” and empowering the Treasury Department to freeze assets and impose other sanctions on foreigners participating in cyberattacks.  These sanctions are calculated to deter cyberattacks by removing attackers’ economic incentives.Continue Reading United States Establishes Sanctions Program to Combat Foreign Cyberattacks