Author Archives: Scott Godes

Please check out: “Cyberattacks and Insurance Coverage.”

Posted on by 2 comments

The Policyholder Informer blog of the insurance coverage and insurance recovery practice of my former firm, Dickstein Shapiro LLP, is featuring a post that I co-authored with my former colleague Brian Finch.  Brian is a partner and the practice leader for our firm‘s Global Security practice.

The post, which is found via the Internet Archive, is “Cyberattacks and Insurance Coverage.”  The introduction to the post reads:

Most everyone agrees that the cyber threat is real at this point.  The recent release of a report alleging that individuals in China engaged in a sustained campaign of cyberattacks against the United States only served to drive this point home.  All of this information has naturally intensified the debate in Washington, DC on what to do regarding cybersecurity.  Congress is continuing its years long back and forth about whether to impose regulations on sectors of the economy, and the White House has issued an Executive Order to create a voluntary program to encourage companies to practice better cybersecurity.

The post discusses risk management and the idea of threat elimination in the context of cybersecurity, as well as insurance coverage for cyberrisks.  It provides a brief overview of the insurance marketplace for cyberinsurance and refers to recent decisions finding coverage for cyberrisks under other insurance policies, including a crime insurance policy with a computer fraud rider.  Please check out the entire post by clicking here.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2013.

Please check out: “The Alleged LivingSocial Hack and Data Breach Highlights Importance of Insurance for Cyberrisks.”

Posted on by 2 comments

The Policyholder Informer blog of the insurance coverage and insurance recovery practice of my formerComputer security concept firm, Dickstein Shapiro LLP, had featured my post, “The Alleged LivingSocial Hack and Data Breach Highlights Importance of Insurance for Cyberrisks.”

The introduction to the post read:

On April 26, 2013, there were reports that LivingSocial had been hacked and suffered a data breach. A page on LivingSocial’s website stated: “The information accessed includes names, email addresses, date of birth for some users, and encrypted passwords — technically ‘hashed’ and ‘salted’ passwords.” CNNMoney reported that data for more than 50 million customers may have been accessed. With similar data breach events taking place seemingly with more frequency, it is critical that entities understand whether they have insurance that provides coverage for such risks.

The post provided details of insurance coverage for data breaches and hacks.  It discusses cyberinsurance, crime insurance, CGL insurance, and other insurance policies, and whether and how they could provide insurance for data breaches.  The entire post has been archived by the Internet Archive Wayback Machine, and may be found by clicking here.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2013.

Please check out: “State Attorneys General Increasingly Concerned with Data Privacy.”

Posted on by Leave a comment

The Policyholder Informer blog of the insurance coverage and insurance recovery practice of my formerData Privacy firm, Dickstein Shapiro LLP, is featuring a post that I co-authored with my former colleagues Divonne Smoyer and Aaron Lancaster.  Divonne and Aaron both work in my former firm‘s State Attorneys General practice group.

The post is “State Attorneys General Increasingly Concerned with Data Privacy.”  The introduction to the post reads:

Over the past few years, State Attorneys General (AGs) have grown increasingly active in a variety of areas not traditionally within their domain. One of the areas in which AGs have increased their attention is data privacy. Notably, in the past year AGs have added data privacy enforcement units, worked with their legislatures to expand their data privacy enforcement capabilities, and have brought high-profile investigations and enforcement matters on data privacy issues. As a result of this increased activity, companies should closely scrutinize their insurance portfolios to ensure that they are covered for any such investigations and enforcement activity, and, if not, work with insurance brokers to consider obtaining insurance to address these risks.

The post provides details regarding recent developments, and provides predictions regarding, state AG activity in the area of data privacy.  It also provides tips regarding insurance coverage for state AG investigations relating to data privacy and cybersecurity.  Please check out the entire post by clicking here.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2013.

Please check out: “Seeking Insurance Under Someone Else’s Policy? Tips for Companies Requiring Additional Insured Status.”

Posted on by 3 comments

The insurance coverage and insurance recovery practice of my formerDanger - Construction Area firm, Dickstein Shapiro LLP, has a new blog, Policyholder Informer.  The Policyholder Informer blog is featuring my post, “Seeking Insurance Under Someone Else’s Policy? Tips for Companies Requiring Additional Insured Status.”

The introduction to the post reads:

If your company is in the construction field, then you know it well: the request to be added as an additional insured to another company’s insurance policy. For example, general contractors (GC) often require subcontractors to add the GC as an additional insured to the subcontractor’s insurance policy. That continues down the line of subcontractors and sub-subcontractors.

I also give five initial pointers regarding additional insured coverage for companies requesting additional insured status.  The Internet Wayback Machine has an archive of the post, which you can check out by clicking here.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2014.

Please check out “A Growing Corporate Risk: Work-Issued Mobile Devices.”

Posted on by Leave a comment

Work-issed mobile devicesAnya Khalamayzer, of PropertyCasualty 360 – National Underwriter, wrote an article that details some of cybersecurity and insurance issues that employers should keep in mind when the enterprise issues mobile devices to employees.

The lede is:

Corporate leaders issuing cell phones to employees to conduct business-related communication are realizing tablets are one of the evolving technologies that keep them walking the razor’s edge of cyber exposure.

The article discusses the rise of cyberrisks related to mobile devices. Ms. Khalamayzer notes multiple international cybersecurity incidents allegedly stemming from mobile devices.

She also quotes me about the potential cybersecurity and data privacy risks relating to mobile devices.  She then reiterates my thoughts about insurance coverage for those cybersecurity, data breach, data privacy, and corporate security risks.  Please click on over and read the entire piece.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2013.

Please check out my VentureBeat article, “Risky business: How cloud tech & mobile workers add up to an insurance nightmare”

Posted on by 2 comments

Cloud Computing on TabletVentureBeat recently published an article that I wrote regarding the cloud and insurance coverage for cloud-based risks.  I discuss the rise of cloud computing within the enterprise, including the use of personal cloud providers by employees that bring their own device (BYOD), potential risks related to the cloud, and insurance coverage for cloud-based risks.  I discuss whether and what types of insurance policies might cover cloud-based risks.  I also give tips on what companies should consider when purchasing insurance policies for cloud-related risks.

If you are interested in reading the entire article, please click here.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2013.

myspace profile views counter

Matt Dunning quotes me in his article, “Risk management strategy must be in place before moving data to the cloud.”

Posted on by 3 comments

Cloud computingMatt Dunning wrote an article for Business Insurance discussing potential risks and risk management techniques that companies consider when making the move to the cloud.

The lede is:

Companies using cloud computing to supplement or replace in-house data storage systems without a cohesive risk management strategy can expose themselves to substantial financial losses and reputational harm, cyber risk experts say.

Matt was kind enough to quote me in the piece.  I discuss insurance coverage for the cloud and cloud-based risks.  You may have to register with Business Insurance to see that part of the article.

The article has interesting points for risk managers, as well as compliance and IT personnel that are considering moving data, software, operations, or more to the cloud.  Please click on over and read the entire piece.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2013.  As a presenter at the conference for Business Insurance, I was not be charged a fee to attend the meeting.

Matt Dunning quotes me in “Cloud-based storage greatly increases cyber security exposures: Panel.”

Posted on by One comment

2013 Risk Management SummitThis week, I was a speaker at the Business Insurance Risk Management Summit. My session addressed cloud computing issues.  Here’s the write up from the agenda:

Cloud Computing — Cloud computing offers opportunities for efficiency and cost savings but can introduce a host of risks in areas such as information security, reputation, business interruption, jurisdictional issues and regulation and compliance. This session will focus on the nature of the exposures associated with cloud computing services and how to address the risks looking at such mitigation areas as risk management, contractual issues and insurance coverage options.

Matt Dunning wrote an article that details the tips that our panel, and the prior presenter, Emily Cummins, gave to risk managers regarding cloud computing.  We summarized the risks and opportunities related to the cloud, and gave takeaways that could be put to use after the conference ended.  Matt quoted me in the piece:

Panelists said that while reported incidents of cloud-based data breaches have been scarce among manufacturers, software companies, communications firms and financial institutions, risk managers should not assume the technology can be implemented easily or without thorough risk analyses and data security control tests.

“There may have only been a few breaches so far, but risk managers have jobs and attorneys have jobs because the world continues to change,” said Scott Godes, a Washington-based attorney [formerly] at Dickstein Shapiro L.L.P.

The article has helpful pointers for risk managers considering moving their data, applications, or infrastructure to the cloud.  Be sure to click on over and read the entire piece.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2013.  As a presenter, I was not be charged a fee to attend the meeting.

Jeffrey Steele quotes me in his Multi Housing News article, “Addressing Cyber Security: New Tools and Laws Combat the Threat.”

Posted on by 5 comments

Multihousing building

In his article, Addressing Cyber Security:  New Tools and Laws Combat the Threat, Multi Housing News contributing editor Jeffrey Steele writes about cyber risks, risk management, and insurance coverage for the multi housing industry for the February 2013 edition of the magazine.

The article opens:

The growing threat to companies in the multifamily industry from cyber-attacks is serious enough that the National Apartment Association staged a webinar in 2012 entitled “The New Cyber Reality for the Multifamily Rental Housing Industry: Threats, Responsibilities and Risk Management Strategies.”  [Link added]

In this special tech report, Multi-Housing News interviews two of the leading participants on that panel to discuss the types of threats the industry faces, legislative developments currently underway, and what measures companies can undertake now to ensure they are prepared in the event of such attacks.

Mr. Steele interviewed my former colleague, Brian Finch, and me, for the article, getting our thoughts on cyber and privacy risks facing the multifamily housing industry.  We discuss data breach laws that could affect the multifamily housing industry, including the current slate of 46 different state data breach notification laws, current legislative developments, and risk mitigation tools.  We also give some predictions as to the future of cyber and privacy risks.

If you’d like to read the full piece, please click on over to Addressing Cyber Security:  New Tools and Laws Combat the Threat to read the entire article.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2013.

Please join me for the March 5 and 6, 2013 Business Insurance Risk Management Summit.

Posted on by One comment

2013 Risk Management SummitI am happy to announce that I will be a speaker at the Business Insurance Risk Management Summit, March 5 & 6, 2013.  It will be held at the Westin Grand Central in New York City. I hope that you will join me for this exciting event.

The two day conference is designed to serve the information and networking needs of senior risk managers from the largest US and Global companies.

As Business Insurance explains:

The annual Risk Management Summit, now in it its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry leaders.

My session, from 2:30 – 3:30 pm on March 5, will address cloud computing issues.  Here’s the write up from the agenda:

Cloud Computing — Cloud computing offers opportunities for efficiency and cost savings but can introduce a host of risks in areas such as information security, reputation, business interruption, jurisdictional issues and regulation and compliance. This session will focus on the nature of the exposures associated with cloud computing services and how to address the risks looking at such mitigation areas as risk management, contractual issues and insurance coverage options.

Please be sure to join us!  Registration for the Risk Management Summit is now open.  If you are a Risk Manager at a Fortune 1000 or higher company, a former Business Insurance Risk Manager of the Year, a former Business Insurance Risk Manager of the Year Honor Roll member, or a Risk Executive at a privately-held company with revenues in excess of $2.5 billion, please register for the Summit here.  Additional registration categories are available, please review the information provided in the Registration Link to see if you qualify.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2013.  As a presenter, I will not be charged a fee to attend the meeting.

Michael P. Voelker quotes me in his Property Casualty 360 article, “As Cyber Coverage Soars, Opportunity Clicks.”

Posted on by One comment

credit card data breach reportIn his article, As Cyber Coverage Soars, Opportunity ClicksProperty Casualty 360° author Michael P. Voelker writes about cyber and privacy risks, as well as the current state of the market for cyber insurance.

The article opens:

Cyber insurance maintained its double-digit premium-volume growth in 2012, with capacity high, pricing competitive and buyers increasingly willing to pull the trigger on both third- and first-party coverage. Thanks to a proliferation of data breaches, an ever-increasing number of regulations around the protection of private information, and the growing availability and awareness of Cyber insurance, business is booming in this marketplace.

The article provides comments from a number of people in the industry, including brokers, consultants, and underwriters.  Mr. Voelker also quoted me in the article.

Want to read the other opinions and thoughts offered on the subject?  Then click on over to  As Cyber Coverage Soars, Opportunity Clicks to read the entire article.

Update:  The post has been updated to reflect the article’s title of As Cyber Coverage Soars, Opportunity Clicks.  A version of the article also is available, as previously posted, with the title Cyber: Sexy – Capacity, Competition Increase Despite Claims and Concerns Over Expanding Risk.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2013.

Join me for the ABA Insurance Coverage Litigation Committee’s 2013 Annual CLE Seminar in Tucson, Arizona!

Posted on by Leave a comment

Tucson skyline and Catalina Mountains at duskWinter got you down?  Want to get away to someplace warm and dry?  Do you want to learn about insurance coverage, mingle with insurance coverage practitioners, and get continuing legal education (CLE) credits while you are enjoying the weather?  Of course you do.  Insurance coverage is crucial at any time, and you know that insurance coverage during the economic downturn is essential.  And if you are an attorney licensed in a jurisdiction that requires CLE credits, aren’t you always on the lookout for high quality legal education seminars that will help you meet your CLE annual requirements?

If you said yes to any of those questions, then you’ll want to join me in Tucson, Arizona at the Loews Ventana Canyon Resort for the ABA’s 2013 Insurance Coverage Litigation Committee (ICLC) CLE seminar, from February 28 through March 2, 2013 in Tucson, Arizona.

Here’s what the ABA ICLC says about the seminar:

Please join the nation’s top insurance and policyholders’ counsel and other industry leaders at the Insurance Coverage Litigation Committee’s 25th Anniversary CLE Seminar at the Loews Ventana Canyon Resort in Tucson, Arizona starting on February 28 through March 2, 2013. This year’s program will feature high-quality presentations and valuable networking opportunities as prior ICLC programs. Our program chairs Suzan Charlton and Rahul Karnani and vice chairs, Anna Torres and Jim Cooper have put together a great program touching on multiple hot topics that are sure to touch upon your practice, and cutting edge trial techniques. Please look for the brochure shortly and be sure to reserve you room quickly.  If you missed last year’s meeting, you will certainly enjoy the amenities at the Loews including its hiking trails, pool side bar and restaurant, spa and golf course.  We look forward to seeing you in Tucson.

You ABA Section of Litigation Insurance Coverage Litigation Co-Chairs,

Ronald L. Kammer and Sherilyn Pastor

I will be speaking at a roundtable discussion about cyber legislation and regulation, and insurance coverage for those issues.  Will we discuss issues such as the Securities and Exchange Commission’s (SEC) Corporation Finance’s Disclosure Guidance Topic No. 2, Cybersecurity and insurance coverage in light of that guidance?  Come to the session and find out!:

Friday, March 1, 2013
12:35 pm – 2:00 pm

Cyber Legislation and Regulation: The Full Employment for Lawyers Acts.

Speakers:

Scott N. Godes

Rick Bortnick

Elissa Doroff

Interested in attending?  Then head on over to the ABA’s website to register.  If you’re looking for the reservations page for the event on the Loews Ventana Canyon hotel website, you can find it by clicking here.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2013.

myspace profile views counter

Please join me for the January 11, 2013 Delaware Valley RIMS Chapter Meeting: “Cyber Risk Management and Control”

Posted on by 2 comments

Please join me for a luncheon hosted by the Delaware Valley chapter of RIMS on Friday, January 11, 2013:  Cyber Risk Strategies Meeting.

Here are the details that the Delaware Valley chapter of RIMS has postedCybersecurity about the meeting:

Every day the media reports another major cyber breach. No person or corporation is immune. And the inevitable class action privacy breach lawsuits follow. The trend among courts and government regulators has been to allow these suits to proceed to discovery and beyond. The associated costs are increasing exponentially. Become better informed by a debate on cyber risks and litigation, crisis management, loss control, the applicability of insurance and cyber risk strategies by joining us on January 11, 2013 at Aramark’s Philadelphia office.

The panelists will be Scott Godes [formerly] from Dickstein Shapiro and Richard Bortnick [formerly] from Cozen and O’Connor. Scott Godes [was] counsel in the Insurance Coverage Practice and focuses on representing corporate policyholders in insurance coverage disputes. He is a seasoned litigator who has extensive experience in trying complex insurance coverage disputes, including class actions, in state, federal, bankruptcy, and appellate courts, as well as in commercial arbitrations. He [was] co-leader of the firm’s Cyber Security Insurance Coverage Initiative.

Richard Bortnick, from Cozen & O’Connor is a member resident in Cozen O’Connor’s Philadelphia office. He litigates and counsels U.S. and international clients on cyber and technology, directors’ and officers’ liability, securities fraud, professional liability, insurance coverage, products liability, and commercial litigation cases. He also drafts professional liability insurance policies of varying types, including Cyber/Tech policies, and is co-publisher of the cyber industry blog, Cyberinquirer.com.

Moderating the discussion will be Art Boyle, Vice President of Enterprise Risk at Radian Group.

Here are the time and location details:

DATE:  Friday, January 11th from 8:00 AM – 10:00 AM
LOCATION:  Aramark office, Center City, Philadelphia

Please be sure to join us!  Click here to register.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2013.  As a presenter, I will not be charged a fee to attend the meeting.

“Top Ten Tips for Companies Buying Cyber Security Insurance Coverage”

Posted on by 2 comments

cybersecurityMy former colleague, Kristi Singleton, and I recently co-authored an article for the Association of Corporate Counsel (ACC) with our top ten tips for corporations and other entities that are in the market to buy or renew cyber security insurance policies. The introduction is below:

Companies may spend a lot of time and effort to protect their confidential data, but they may miss prime opportunities to save costs and mitigate potential losses if they focus solely on protecting information, and ignore the benefits of purchasing comprehensive cyber-security insurance coverage. One way that companies can help protect their clients, and themselves, is to understand the scope of the insurance policies that they have, and purchase comprehensive cyber-security insurance coverage. All cyber-security insurance policies, however, are not created equal, so below are some tips that all companies should consider when purchasing or renewing a cyber-security policy.

We give advice that hits on high level insurance coverage considerations for cybersecurity risks, such as buying insurance coverage for first and third party risks, and more specific considerations, such as the scope of coverage for risks and transmissions of data outside of company offices.  To read the entire article, click here.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2012.

“10 Tips For Law Firms Buying Cybersecurity Insurance”

Posted on by One comment

Law FirmMy former colleague, Kristi Singleton, and I recently co-authored an article that was published in Law360 regarding cyberinsurance for law firms. The piece provides insights and tips for law firms and lawyers interested in purchasing a cyberinsurance policy. The introduction is below:

Law firms spend a lot of time and effort to protect their clients’ interests in a myriad of ways, from spending millions of dollars litigating a client’s case to spending hundreds of hours in due diligence before a deal closes. One often overlooked area in which law firms can serve their clients’ best interests is by protecting clients’ confidential or proprietary electronic data. Unfortunately, lawyers are often not considered to be the most technologically-savvy, and thus may be viewed as “easy prey” by hackers who may be…

The rest of the article is after the jump, and Law360 requires a subscription. To read the entire article click here.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2012.

Alison Diana cites me in her post, “Insuring the Cloud”

Posted on by One comment

Cloud ComputingIn her post, Insuring the Cloud, author Alison Diana writes about insurance coverage for risks relating to the cloud.  She discusses insurance policies and insurance products available in the marketplace to cover the cloud and risks relating to the cloud.

The post opens:

As cloud becomes more pervasive, many organizations are seeking ways to insure themselves from unexpected downturn. Traditional and new insurers are starting to offer insurance programs designed to protect companies’ information, networks, and operations from cloud failure, a market likely to grow and help spur further adoption of cloud among enterprises.

Insurance companies have struggled with ways to address the business continuity and protection needs of cloud customers.

The article then cites an insurance broker and insurance industry CEO, who work in the area of insurance coverage for cybersecurity, data, privacy, and other cyberrisks, discussing what new offerings are available to corporate insureds and corporate policyholders looking to buy cyberinsurance for the cloud.  She also cites an article from Judy Greenwald at Business Insurance that quoted me discussing cyberinsurance and the cloud.  (You may recall seeing this earlier blog post about the article.)  Citing me, Ms. Diana writes, in part:

Scott Godes [who was] of counsel at law firm Dickstein Shapiro L.L.P. told BusinessInsurance.com (registration required) that he’s seen few, if any, policies that specifically named cloud computing. Typically, he said, liability policies and first-party policies are written to include cloud computing. “Close attention should be paid to when the term ‘computer system’ or ‘computer network’ is defined, if those are the operative terms of what is covered,” he told BusinessInsurance.com.

I stand behind that discussion, and note that I recently have seen a package cyberinsurance policy that did specifically reference insurance coverage for the cloud.  The times, they are a changin’?  As I have written before, the marketplace for cyberinsurance policies may be considered the “Wild West,” so insurance policies, including cyberinsurance policies, should be reviewed carefully.

Want to read the other opinions and thoughts offered on the subject?  Then click on over to Insuring the Cloud to read the entire post.

 

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2012.

Bibeka Shrethsa quotes me in her article, “Insurers Grow Tentative About Coverage For Cloud Users”

Posted on by 3 comments

Today, Law360 published another great piece about insurance coverage for cyberrisks, and insurance coverage for cloud-based risks in particular.  In her article, Insurers Grow Tentative About Coverage For Cloud Users, author Bibeka Shrestha addresses the issue of the growth of cloud computing, risks with cloud computing, and, perhaps most important, insurance coverage for cloud computing risks.

The article opens:

Insurers are starting to scrutinize coverage for companies using third-party data services, seeing cloud providers as especially vulnerable to hacking attacks, and with cyberpolicy language constantly evolving, attorneys say policyholders should pay closer attention to whether their cloud-related losses would be covered in the event of a breach.

Last year, hackers reportedly used Amazon.com‘s cloud service to launch a cyberattack that compromised the account data of more than 77 million Sony Playstation users. But that much-publicized data breach hasn’t slowed a trend of companies turning to . . .

The article then explains risks relating to cloud computing and insurance-related issues for cloud computing risks.  Ms. Shrestha quotes several people who deal with cloud computing, cyberrisks, cybersecurity questions, data breach issues, and insurance coverage for those risks and potential liabilities.  The article provides helpful information to companies that are buying cyberinsurance policies for cloud-based risks in the cloud.  Ms. Shrestha cites me and my advice multiple times in the article.  She reiterates my advice as to people who may be involved with purchasing cyberinsurance with coverage for the cloud, what coverages well-crafted cyberinsurance policies should include, and whether “additional insured” status may be available to cloud users from cloud providers.  You can see my comments and the rest of the article after the jump, with the full content available to subscribers of the Law360 site and its content.

Want to read the other opinions and thoughts offered on the subject?  Then click on over to Insurers Grow Tentative About Coverage For Cloud Users to read the entire article.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2012.

“Cybersecurity: Does Your Company Have Insurance For Claims Arising Out Of An Alleged Data Breach?”

Posted on by 2 comments

HospitalityLawyer e-magazine recently published an article that my former colleague, Ken Trotter, and I wrote regarding insurance coverage for data breaches and cybersecurity risks.  It’s in the November 2012 edition of the magazine.  We discuss risks relating to data breaches, cybersecurity, and privacy, as well as what insurance might apply to provide coverage for those risks.  The article is focused on cyberrisks and insurance coverage for the hospitality industry.

The article’s lede is:

Cybersecurity risks, including data breaches, are among the most significant risks facing any company in the hospitality industry that receives what may be characterized as personally identifiable information, including credit card information.  When hackers, rogue current or former employees, or others steal or otherwise gain access to such personally identifiable information, the data breach may expose the company to liabilities under statutory and regulatory schemes and to third parties, resulting in significant costs to mitigate, remediate, and comply with the obligations arising out of the liabilities.

We then discuss insurance coverage for data breaches, cybersecurity risks, and other privacy-based risks.  We analyze coverage under commercial general liability (CGL) insurance policies and crime insurance policies, and provide comments and pointers regarding the scope of coverage under cyberinsurance policies.

If you are interested in reading the entire article, please click here and check out the article starting on page 8.

An archived version of the article, via the Internet Wayback machine, may be found here.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2014.

myspace profile views counter

Join me for American Conference Institute’s 23rd Annual Bad Faith Litigation conference

Posted on by One comment

Are you looking for a conference discussing bad faith, extracontractual liability, and other ways of obtaining damages beyond policy limits for insurer misconduct?  Of course you are.  Then you’ll want to join me in Orlando, Florida from Wednesday, November 28 to Thursday, November 29, 2012 for American Conference Institute’s 23rd Annual Bad Faith Litigation conference.

Here are the details from ACI’s website:

23rd National Advanced Forum on

Bad Faith Litigation

The essential forum that shapes the future of bad faith litigation strategies for leading outside counsel, in-house counsel and claims professionals in the insurance industry

Wednesday, November 28 to Thursday, November 29, 2012
Hyatt Regency Grand Cypress, Orlando, FL

To accommodate the devastation of Hurricane Sandy we are extending the discount deadline until Friday, November 16th.

Drawn from the best that the bar, the bench, and the industry have to offer, ACI’s 23rd Annual Bad Faith Litigation conference is fully revised and updated to bring you the most effective tactics and expert insights from seasoned in-house counsel, top law firms and renowned jurists

Bad Faith disputes continue to generate a significant amount of costly litigation. With increased institutional bad faith claims, courts and hostile juries handing down huge verdicts, and many states moving towards statutory bad faith laws, both insurance companies and policyholders are fighting an uphill battle in bad faith claims. Attorneys and in-house professionals must be prepared to effectively defend against, and bring, bad faith claims, and ensure they have the best strategies for resolving coverage disputes, managing discovery, and gaining the upper hand in bad faith lawsuits.

American Conference Institute’s 23rd Annual Advanced Forum on Bad Faith Litigation has been fully updated to offer crucial developments and winning litigation strategies to even the most experienced bad faith litigators, and provide in-house counsel and claims professionals with strategic and proactive ways to reduce bad faith claims. Get effective tactics from both the insurers and the policyholders and ensure the best result for your client. This year’s conference will feature:

  • Insurers In-house roundtable: This specialized in-house panel will focus on
    1) best practices in claims investigation and litigation decisions;
    2) settling bad faith claims and working with outside counsel;
    3) dealing with the insured; and much more
  • Viewpoints from the Policyholders Bar: Adapt your strategies to the new wave of claims being asserted and hear what key actions (or inactions) could lead your client into litigation
  • Discussions with distinguished jurists: Get valuable insight on effective theories and evidentiary issues, from state and federal judges that have presided over bad faith suits
  • Narrowly tailored panel sessions: Our narrowly tailored, comprehensive panels will shed light on the most effective ways to recognize bad faith set-ups, properly investigate a claim, litigate questionable coverage, manage discovery, respond to punitive damage claims and much, much more

Plus, complete your 2-day experience by also signing up for the interactive pre and post-conference Hotbed Workshops:
A. Adjusting Catastrophe Claims: A Focus on Recent Developments in the Gulf States
B. Florida C. California & Washington D. New Jersey & Pennsylvania
(B, C and D are concurrent on November 29, 2012 | 2:00 p.m.–4:30 p.m.)

Register now by calling 888-224-2480 or faxing your registration form to 877-927-1563.You can also register online at AmericanConference.com/BadFaith.

My panel is titled:  “View from the Policyholders’ Bar: Tailoring Your Bad Faith Strategies to the Latest Wave of Claims Being Asserted by Your Adversaries.”  My co-panelists and I will be discussing bad faith from the view of attorneys who represent corporate policyholders and corporate insureds in insurance coverage and insurance bad faith lawsuits and litigation.  I will talk about my experience with bad faith claims against insurance companies.  It should be a great panel and a good way for you to pick up some CLE credits in Florida.

The panel’s topics include:

  • Current bad faith claims being brought by policyholders
    • Facts supporting bad faith awards
    • How recent decisions are treating bad faith claims
    • Current bad faith trends, including punitives
  • New legislation and the effect on bad faith claims
  • Impact of differing policy terms and state laws on the duty to defend vs. the duty to indemnify
  • The need for outside counsel early in the claims process
  • The policyholders’ bar view on insurance company investigations
  • Insurers’ obligation to “do no harm” to a policyholder’s defense of underlying litigation
    • The interplay between coverage disputes and insurers’ duties regarding their policyholders’ defense of underlying claims

Interested in attending?  Click here:
Register Now

If you contact me by November 15, 2012, I can put you in touch with an organizer who should be able to offer you a discounted rate.

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2012.

Note:  as a speaker at the conference, I will not be charged a fee to attend the remainder of the conference.

myspace profile views counter

Please join me for the September 19, 2012 Potomac RIMS Meeting: “Cyber Security Workshop”

Posted on by 3 comments

Please join me for a luncheon hosted by the Potomac chapter of RIMS on Wednesday, September 19:  “Cyber Security Workshop.”

Here is the meeting topic:

Does Cyber Security seem like a term from Star Wars to you?  Do you not understand the meaning of this field but feel you should??? Join our session and lose sleep no more!

I’ll be joined by Don Nelson, the Director of Information Security Governance for Fannie Mae, and Robert Lowe, who manages the Third Party Due Diligence program for Information Security at Fannie Mae, and also acts as a subject matter expert and supporting resource for strategic initiatives across the enterprise.

Here are the time and location details:

Wednesday, September 19,  2012

Meeting: 11:00 a.m. – 1:30 p.m.
Lunch:    11:30 a.m.

Please be sure to join us!  To register, please click here:  “Cyber Security Workshop.”

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2012.  As a presenter, I will not be charged a fee to attend the meeting.

« Older Entries Recent Entries »