On October 18, 2016, the United States Court of Appeals for the Fifth Circuit held in Apache Corp. v. Great American Ins. Co. that a crime protection insurance policy does not cover loss resulting from a fraudulent email directing funds to be sent electronically to the imposter’s bank account because the scheme did not constitute “computer fraud” under the policy.
Continue Reading Court Rules Fraud Involving a Computer Is Not ‘Computer Fraud’ under Crime Protection Policy

A panel of the Fourth Circuit confirmed that general liability insurance policies can afford coverage for cyber-related liabilities, and ruled that an insurer had to pay attorneys’ fees to defend the policyholder in class action litigation in Travelers Indemnity Company v. Portal Healthcare Solutions, No. 14-1944.
Continue Reading If a Data Breach Occurs and Nobody Accesses Customer Data, Does it Constitute “Publication”?

On February 3, 2015, the SEC released a Risk Alert providing a summary of observations from the recent round of cybersecurity examinations of registered broker-dealers and investment advisers under the Cybersecurity Examination Initiative.
Continue Reading SEC Releases Observations from Recent Cybersecurity Examinations of Broker-Dealers and Advisers

In a recent article published in the Daily Journal, Hunton and Williams’ Insurance Coverage Counseling and Litigation attorney William T. Um offers a primer on cyber insurance, outlining key considerations for businesses as they explore this emerging area of coverage. This blog entry provides a link to download the full article.
Continue Reading Exploring Cyber Insurance: What Companies Need to Know Now

The scale of some recent cyber events has been extraordinary and is leading companies to seek protection through both technology and financial products, such as insurance. This blog entry details the potential impact of some insurers’ reluctance to remove terrorism exclusions from their policies.
Continue Reading Broad Interpretations of Terrorism Exclusions Are Incompatible with Cyber Insurance

On February 12, 2014, the National Institute of Standards and Technology issued the final Cybersecurity Framework, as required under Section 7 of the Obama Administration’s February 2013 Executive Order, Improving Critical Infrastructure Cybersecurity. This blog entry highlights the final Framework and offers comparisons to the preliminary framework released in October of last year.
Continue Reading NIST Releases Final Cybersecurity Framework

On November 4, 2013, the China Insurance Regulatory Commission, which is the Chinese regulatory and administrative authority for the insurance sector, issued new measures that require life insurance companies and their agents to ensure the authenticity of the personal data of life insurance policy holders.
Continue Reading China Insurance Regulatory Agency Promulgates New Rule Protecting Personal Data of Life Insurance Customers

On October 7, 2013, a federal district court in California held that a general liability insurance policy covered data breach claims alleging violations of California patients’ right to medical privacy. This blog post includes a downloadable client alert on the ruling.
Continue Reading Insurance Policy’s Statutory Rights Exclusion Does Not Apply to Data Breach Claims