BarbriSFCourseDetails

Course Details

This CLE webinar will analyze for insurance counsel current trends and developments in policy language, coverage, claims, and litigation arising from business email compromises (such as social engineering, fraudulent instructions, network security), ransomware, and even ransomware negotiations. The panel will also discuss how insurance may apply to business email compromise losses and which party may be responsible.

Faculty

Description

For potential insurance coverage of losses arising from ransomware attacks or business email compromises (aka email account compromises), the panel will discuss whether policyholders can to look to specialized "cyber" policies, not to CGL, E&O, D&O, or crime policies. As attacks have become more sophisticated, coordinated, expensive, cyber policies and coverages have evolved and adapted.

Newer policies may include updated terms and definitions, new exclusions (such as for state sponsored attacks), or have sublimits. Some cyber policies and insurance carriers assert that they require certain policyholder conduct in order to access coverage and may call for certain minimum security standards to be met.

Allocation of responsibility among various insureds for losses for fraudulent payment scams--e.g., when a buyer is tricked into paying the fraudster--is an important issue but the law is unsettled and developing.

Listen as this experienced panel of cyber insurance experts explores current trends and developments in claims, coverage, and litigation arising from business email compromises, ransomware, and even ransomware negotiations.

Outline

  1. Evolution of business email and ransomware compromises
  2. Allocating responsibility for losses for fraudulent payment/wire transfers
  3. Evolution of cyber insurance
    1. Policy provisions
    2. Minimum security standards
    3. Defining loss or occurrence
    4. Limits, sublimits, co-insurance, and exclusions
  4. Policyholder strategies
  5. Insurer concerns

Benefits

The panel will review these and other key issues:

  • What are the minimum security standards that policyholders must meet to obtain and keep coverage?
  • Do CISA's or NIST's Cybersecurity Best Practices, or state regulations, such as the New York Department of Financial Services Cyber Insurance Framework, apply or offer guidance?
  • Does negotiating with ransomware criminals affect coverage?
  • How does excess coverage apply?