“Is Your Company Prepared for Cyber Risk?”
Looking for a great article discussing cyber risk, the costs of cyber risk and data breaches, how companies and corporate boards are dealing with cyber risk, and a discussion about cyber insurance? Then you should click here, to read a great article in Corporate Board Member Magazine, written by Chris Costanzo, “Is Your Company Prepared for Cyber Risk?”
The article’s lede is:
If directors think about cybercrime at all, they are apt to consider cases like Heartland Payment Systems or TJX Cos., in which hackers exposed millions of customer records. Actually, they should be contemplating Google, which accused an electronic spy ring based in China of unleashing sophisticated cyber attacks against its computer systems early last year.
The Google case is emblematic of a new type of cybercrime that is stealthier and potentially more harmful than the massive data breaches that were front-page news a few years ago. When hackers steal customer data, they do it quickly and move on, leaving companies with the administrative hassle of notifying customers.
It goes on to quote several thought leaders on cyber risk, including people who consult on cyber risk, remediation for data breaches and cyber threats, and lawyers who work on the area of insurance coverage for cyber risks. Mr. Costanzo was nice enough to quote me in the article:
That’s not to say companies shouldn’t explore other options. “If you haven’t bought a cyber policy, you should absolutely look to other policies to see what other coverage could be available there,” says Scott Godes, [formerly] counsel at Washington, D.C.-based Dickstein Shapiro. Existing case law backs up the use of general liability or errors and omissions policies to cover cyber breaches, Godes says. “But I would be loathe to say, ‘Don’t buy a cyber policy,’ particularly as insurance companies get more savvy,” he adds.
The entire article is a great read if you have an interest in cyber security and cyber risk. Click here to read the entire article, “Is Your Company Prepared for Cyber Risk?”
This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2011.
Scott, this article was indeed worthy of sharing with board members and executives (and not just because you and I were quoted in it; I thought Chris did a nice job of concisely relaying the important information).
Thanks, Rick. I agree, I thought that the article was well-written and gave a nice overview of a lot of the issues in the context of cybersecurity, data breaches, and insurance coverage.