Cyber Insurance

Subscribe to Cyber Insurance

On July 13, 2021, federal bank regulators (the Board of Governors of the Federal Reserve System, the FDIC and the Office of the Comptroller of the Currency) requested public comment on proposed joint guidance regarding banking organizations’ management of risks related to relationships with third-party support and service providers. This blog entry provides highlights on the guidance.
Continue Reading Federal Banking Regulators Request Comment on Proposed Guidance for Third-Party Risk Management

The New York Department of Financial Services, which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. 2 (2021) regarding “Cyber Insurance Risk Framework”, calling on insurers to take more stringent measures in underwriting cyber risks. In the Guidelines, NYDFS cites the 2020 SolarWinds attack as an example of how managing growing cyber risk is “an urgent challenge for insurers.”
Continue Reading New York Regulators Call on Insurers to Strengthen the Cyber Underwriting Process

As previously posted on our Hunton Insurance Recovery blog, a Maryland federal court awarded summary judgment to policyholder National Ink in National Ink and Stitch, LLC v. State Auto Property and Casualty Insurance Company, finding coverage for a cyber attack under a non-cyber insurance policy after the insured’s server and networked computer system were damaged as a result of a ransomware attack.
Continue Reading Maryland Court Finds Coverage for Lost Data and Slow Computers After Ransomware Attack

As reported on the Insurance Recovery Blog, Hunton Andrews Kurth insurance practice head, Walter Andrews, recently commented to the Global Data Review regarding the infirmities underlying an Orlando, Florida federal district court’s ruling that an insurer does not have to defend its insured for damage caused by a third-party data breach.
Continue Reading Hunton Insurance Head Comments on Hotel Data Breach Coverage Dispute

Recently, the Sixth Circuit rejected Travelers Casualty & Surety Company’s request for reconsideration of the court’s July 13, 2018, decision confirming that the insured’s transfer of more than $800,000 to a fraudster after receipt of spoofed emails was a “direct” loss that was “directly caused by” the use of a computer under the terms of