Scott Godes

Author Archives: Scott Godes

My video interview with RiskCommunities regarding additional insureds and indemnity agreements for tech firms

Posted on June 29, 2011 by Scott Godes One comment

Julie Davis of Risk Communities asked me to speak with her again about insurance coverage issues for high tech firms. Here is how Risk Communities described the video interview:

Technology firms are rich in contractual relationships of all types. Often those contractual relationships spark a discussion, or changes in business insurance policy provisions for many firms.

In the latest RiskCommunities Video, we interviewed Scott Godes [formerly] of Dickstein Shapiro LLP, to address some of the top questions asked about Additional Insured and Indemnity Agreements. The top questions covered in our video interview include:

What does it mean to be an Additional Insured?

What does a Certificate of Insurance tell the Certificate holder?

How does a deductible or self-insured retention apply in the context of Additional Insured coverage?

Is there Insurance coverage available for Indemnity agreements?

Does the contract affect the obligation to purchase additional coverages?

Disclaimer:

This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2011.

Join me for a free webinar about D&O and cyberinsurance: “Executive Summary”: What You Need to Know Before You Walk into the Boardroom

Posted on June 27, 2011 by Scott Godes 5 comments

Please join me on July 19, 2011, at 2:00 pm Eastern, for a free webinar hosted by Woodruff Sawyer & Co. Priya Cherian Huskins, Lauri Floresca, and I will discuss D&O insurance, cyberinsurance, and insurance coverage for privacy issues, data breaches, cyberattacks, denial-of-service attacks and more. Here are the details from Woodruff Sawyer‘s announcement:

Date and Time

Tuesday, July 19, 2011

Webinar

11:00 AM – 11:30 AM PST

This webinar is offered free of charge.

Visit Us At:

Woodruff-Sawyer & Co.

50 California St., 12th Fl.

San Francisco, CA 94111

Before you walk into your next board meeting, what do you need to know when it comes to current D&O liability issues? The “Executive Summary” is Woodruff-Sawyer’s webinar series for CFOs, GCs, Controllers and others who work with boards of directors. The upcoming session will feature a conversation with Woodruff-Sawyer’s Priya Cherian Huskins and Lauri Floresca, both nationally-recognized insurance experts, and Scott Godes [formerly] of Dickstein Shapiro.Scott [was] the co-leader of Dickstein Shapiro’s Cyber Security Coverage Initiative. Areas of Discussion

D&O Market Update
D&O Litigation Update

– Newest numbers on D&O suits
– Latest on Supreme Court rulings

Lessons from Sony & Citi: What boards should be asking about cyber liability

– Updates on the recent high-profile data security breaches
– Understanding the impact of California’s recent Supreme Court zip code decision
– What should boards do to mitigate cyber risks?

Click here to register for this webinar.

For questions, please email seminar@wsandco.com

Woodruff-Sawyer is one of the largest independent insurance brokerage firms in the nation, and is an active partner of International Benefits Network and Assurex Global. For over 90 years, Woodruff-Sawyer has been partnering with clients to implement and manage cost-effective and innovative insurance, employee benefits and risk management solutions, both nationally and abroad. Headquartered in San Francisco, Woodruff-Sawyer has offices throughout California and in Portland, Oregon. For more information, call 415.391.2141 or visit www.wsandco.com.

Disclaimer:

Join me for ACI’s 5th National Advanced Forum on Cyber & Data Risk Insurance

Posted on June 13, 2011 by Scott Godes One comment

Are you looking for a conference discussing insurance coverage for cyber and data risk issues, where you will have “the unique opportunity to network, benchmark your products against the competition and gain valuable information about the right insurance coverage for your company”? Then you should join me for the American Conference Institute 5th Annual Cyber & Data Risk Insurance conference.

Here are the introductory details:

Cyber & Data Risk Insurance

Monday, September 26 to Tuesday, September 27, 2011

Affinia Manhattan Hotel, New York, NY

International legislative changes and compliance…External threats from the explosion of social media…Cloud computing…PCI, HIPAA & HITECH standards… social engineering, malware downloads, phishing, click-jacking, spoofing, whistleblowing, massive leaks… THE LIST GOES ON

The expanded scope of Cyber & Data Risk Insurance is here. Attend the annual September conference that the industry has known and trusted for years!

* * *

Dates:
Mon, Sep 26, 2011
Tue, Sep 27, 2011

Location:
Affinia Manhattan Hotel
New York, NY

Accreditation:

Accreditation will be sought in those jurisdictions requested by the registrants which have continuing education requirements. This course is identified as nontransitional for the purposes of CLE accreditation.

ACI certifies that the activity has been approved for CLE credit by the New York State Continuing Legal Education Board in the amount of 15.0 hours. An additional 2.0 hours will apply to workshop A and 3.0 hours to workshop B.

ACI certifies that this activity has been approved for CLE credit by the State Bar of California in the amount of 12.75 hours. An additional 2.0 hours will apply to workshop A and 2.5 hours to workshop B.You are required to bring your state bar number to complete the appropriate state forms during the conference. CLE credits are processed in 4-8 weeks after a conference is held.

ACI has a dedicated team which processes requests for state approval. Please note that event accreditation varies by state and ACI will make every effort to process your request.Questions about CLE credits for your state? Visit our online CLE Help Center at http://www.americanconference.com/CLE

My panel will be:

10:05   State of the Market: New Exposures, Coverage Options and Trends that Are Changing the Scope of Cyber Liability

Edward McGuire, Senior   Vice   President,   Sales   &   Marketing S.H. Smith & Co.
Steven H. Haase, CPCU ARM, INSUREtrust
Malcolm Randles, Underwriter,   Enterprise   Risks   510, R   J   Kiln   &   Co   Limited
Jenny B. Bradford, J.D., Vice   President   Financial   Products,   Risk   Management   Liability, Regions Insurance
Scott N. Godes, Counsel, [formerly] Dickstein   Shapiro   LLP

Market overview and legal developments

Updates on new exposures, coverage decisions and new products to ensure coverage

Addressing the lack of uniformity among policies

Cyber risk insurance overlap with other insurance policies

How big is the market and how much has it grown over the past few years?

New clients and non-technology companies purchasing coverage:   who they are and what they are looking for

A   closer   look   at   security   &   privacy   challenges   facing   small   businesses

What considerations have been given to products that may attract small to mid-market   companies?

How carriers are capitalizing on this

State of the reinsurance market for cyber-risk insurance

Clarification of comprehensive contracts and identifying key provisions

Interested in attending? You can get a discounted rate through me, taking $600 off of the registration price, if you register by June 30. If you’re interested in getting the discounted rate, please e-mail me. Or, if it’s after June 30, you can click here:

Disclaimer:

Note: as a speaker at the conference, I will not be charged a fee to attend the remainder of the conference.

Independent Directors Liability insurance discussed in, “Do directors need separate liability coverage?”

Posted on May 26, 2011 by Scott Godes 5 comments

In her article, Do Directors Need Separate Liability Coverage, Corporate Secretary magazine, author Elizabeth Judd writes about Independent Director Liability insurance policies. The article opens:

IDL insurance protects directors outside the limits of D&O coverage and record increase in securities suits makes IDL a good option.

Almost all public companies buy directors and officers liability (D&O) insurance, providing officers and boards with protection against claims not indemnified by the company. But when companies unravel, they often do so spectacularly– and given how a typical D&O policy is structured, directors may not be as well protected in the event of a complete corporate meltdown as they might like.

That’s where independent director liability (IDL) insurance comes in. A specialized form of D&O that’s sold separately, IDL protects only the directors and would pay out even if all limits within a company’s D&O policy were exhausted.

There is a really nice discussion about IDL insurance coverage in the article. Elizabeth quotes Kevin LaCroix, of The D&O Diary, and other well-known sources on the issue of insurance coverage for directors and officers. Elizabeth also interviewed and quoted me in the article, writing:

Scott Godes, [formerly] counsel at Dickstein Shapiro and author of the Corporate Insurance Blog, says the beauty of IDL is that the policies are marketed as nonrescindable.

‘When D&O claims get messy or expensive, insurance firms have remarkably creative lawyers who can find ways to deny coverage or rescind the policy,’ he points out. ‘I saw one advertisement stating that IDL is insurance for insurance – if the insurance company is marketing these policies as rescission-proof, that should be a good sign.’

If you deal with insurance coverage issues, directors and officers issues, or securities issues, the article is worth a read. IDL insurance is a pretty interesting product, and Elizabeth does a nice job of outlining the coverages and the pros and cons of buying such a policy. So click on over to Do Directors Need Separate Liability Coverage
and read the whole thing.

Disclaimer:

Insurance Coverage for Denial-of-Service Attacks

Posted on May 10, 2011 by Scott Godes 11 comments

It seems that 2011 has been the year of cyberattacks – denial of service attacks, data breaches, and more. Would your insurance policies cover those events? Beyond the denial of service attacks that made news headlines, a shocking “80 percent of respondents” in a survey of “200 IT security execs” “have faced large scale denial of service attacks,” according to a ZDNet story.[1] These attacks and threats do not appear to be on a downward trend. They continue to be in the news after cyberattacks allegedly took place against “U.S. government Web sites – including those of the White House and the State Department –” over the July 4, 2009 holiday weekend.[2] The alleged attacks were not only against government sites; they allegedly included, “according to a cyber-security specialist who has been tracking the incidents, . . . those run by the New York Stock Exchange, Nasdaq, The Washington Post, Amazon.com and MarketWatch.”[3] The more recent ZDNet survey shows that a quarter of respondents faced denial of service attacks on a weekly or even daily basis, with cyberextortion threats being made as well.[4]

Denial of Service Attacks

The cyberattacks that have stolen recent headlines were denial of service incidents. Personnel from “CERT^® Program,” which “is part of the federally funded Software Engineering Institute (SEI), a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania,” have explained:

Denial of service attacks come in a variety of forms and aim at a variety of services. There are three basic types of attack:

consumption of scarce, limited, or non-renewable resources
destruction or alteration of configuration information
physical destruction or alteration of network components.[5]

Some attacks are comparable to “tak[ing] an ax to a piece of hardware” and are known as “so-called permanent denial-of-service (PDOS) attack[s].”[6] If a system suffers such an attack, which also has been called “pure hardware sabotage,” it “requires replacement or reinstallation of hardware.”[7]

What Insurance Coverage Might Apply?

The first place to look for insurance coverage for a denial of service attack is a cybersecurity policy. The market for cybersecurity policies has been called the Wild West of insurance marketplaces. Cyber security and data breach policies, certain forms of which may be known as Network Risk, Cyber-Liability, Privacy and Security, or Media Liability insurance, are relatively new to the marketplace and are ever-changing. The Insurance Services Office, Inc., which designs and seeks regulatory approval for many insurance policy forms and language, has a standard insurance form called the “Internet Liability and Network Protection Policy,” and insurance companies may base their coverages on this basic insuring agreement, or they may provide their own company-worded policy form. Because of the variety of coverages being offered, a careful review of the policy form before a claim hits is critical to understand whether the cyberpolicy will provide coverage, and, if it will, how much coverage is available for the event. If your company does make a claim under a cyberpolicy, engaging experienced coverage counsel who is familiar with coverage for cybersecurity claims will help get the claim covered properly and fight an insurance company’s attempt to deny the claim or otherwise improperly try to limit coverage that is due under the policy.

If your company faces a denial of service cyberattack and suffers losses as a result, but your company has not purchased a specialized suite of policies marketed as cyber security policies, coverage nonetheless may be available under other insurance policies. In addition, other insurance policies may provide coverage that overlaps with a cyberinsurance policy. Consider whether first party all risk or property coverage may apply. First party all risk policies typically provide coverage for the policyholder’s losses due to property damage. If the denial of service cyberattack caused physical damage to your company’s servers or hard drives, your company’s first party all risk insurer should not have a credible argument that there was no property damage. Even if the damage is limited to data and software, however, it may be argued that the loss is covered under your company’s first party all risk policy, as some courts have found that damage to data and software consists of property damage.[8]

First party policies may also provide coverage for extra expense, business interruption, and contingent business interruption losses due to a cyberattack. (Contingent business interruption losses may include losses that the policyholder faces arising out of a cyber security-based business interruption of another party, such as a cloud provider, network host, or others.)[9]

Look also to other first party coverages, such as crime and fidelity policies, to determine whether there may be coverage for losses due to a cyberattack. In particular, crime policies may have endorsements, such as computer fraud endorsements, that may cover losses from a denial of service cyberattack.[10]

If, after a cyberattack, third parties seek to hold your company responsible for their alleged losses, consider whether your company’s liability policies would provide coverage. More importantly, consider your company’s commercial general liability (CGL) insurance policy, if your company does not have a specialized cyber liability policy. If your company did buy a cyberinsurance policy, there is coverage under a CGL policy (and others) that may overlap the coverage in a cyberinsurance policy, providing your company with additional limits of insurance coverage available for the claim.

The first coverage provided in a standard-form CGL insurance policy covers liability for property damage. Similar to the analysis above for first party all risk policies, if there was damage to servers or hard drives, insurers should not be heard to argue that there was no property damage. Courts are divided as to whether damage to data or software alone consists of property damage under insurance policies, with some courts recognizing that “the computer data in question ‘was physical, had an actual physical location, occupied space and was capable of being physically damaged and destroyed’” and that such lost data was covered under a CGL policy.[11] Be aware, however, that the insurance industry has revised many CGL policies to include definitions giving insurers stronger arguments that damage to data and software will not be considered property damage. But also note that your company’s CGL policy may have endorsements that provide coverage specifically for damage to data and software.[12] Consider further whether a claim would fall within the property damage coverage for loss of use of tangible property—loss of use of servers and hard drives because of the cyberattack; loss of use of computers arising out of alleged software and data-based causes has been held sufficient to trigger a CGL policy’s property damage coverage.[13]

Keep in mind that if there is a claim for property damage under a CGL policy, there may be coverage for obligations that your company has under indemnity agreements. Standard form CGL policies provide coverage for indemnity agreements.[14]

Depending on the types of claims asserted, other liability policies may be triggered as well. For example, directors and officers liability policies may provide coverage for investigation costs,[15] and errors and omissions policies also may cover, if the cybersecurity claims may be considered to be within the definition of “wrongful act.”[16] The takeaway for companies suffering from a cyberattack is that a careful review of all policies held by the insured is warranted to make certain that the most comprehensive coverage may be pursued.

Scott Godes [was] counsel with Dickstein Shapiro’s Insurance Coverage Practice in the firm’s Washington, D.C. office. Mr. Godes is the co-head of the firm’s Cyber Security Insurance Coverage Initiative and co-chair of the American Bar Association Computer Technology Subcommittee of the Insurance Coverage Committee of the Section of Litigation. He frequently represents corporate policyholders in insurance coverage disputes.

[1] Larry Dignan, Cyberattacks on Critical Infrastructure Intensify, ZDNet, http://m.zdnet.com/blog/btl/cyberattacks-on-critical-infrastructure-intensify/47455 (Apr. 19, 2011).

[2] U.S. Government Sites Among Those Hit by Cyberattack, CNN, http://www.cnn.com/2009/TECH/07/08/government.hacking/index.html (July 8, 2009).

[3] Siobhan Gorman & Evan Ramstad, Cyber Blitz Hits U.S., Korea, Wall St. J., http://online.wsj.com/article/SB124701806176209691.html (July 9, 2009).

[4] Larry Dignan, Cyberattacks on Critical Infrastructure Intensify, ZDNet, http://m.zdnet.com/blog/btl/cyberattacks-on-critical-infrastructure-intensify/47455 (Apr. 19, 2011).

[5] Denial of Service Attacks, CERT, http://www.cert.org/tech_tips/denial_of_service.html (last visited July 9, 2009); About CERT, CERT, http://www.cert.org/meet_cert/ (last visited July 10, 2009).

[6] Kelly Jackson Higgins, Permanent Denial-of-Service Attack Sabotages Hardware, Security Dark Reading, http://www.darkreading.com/security/management/showArticle.jhtml?articleID=211201088 (May 19, 2008).

[7] Id.

[8] See, e.g., Lambrecht & Assocs., Inc. v. State Farm Lloyds, 119 S.W.3d 16 (Tex. App. 2003) (first party property coverage for data damaged because of hacker attack or computer virus); Am. Guar. & Liab. Ins. Co. v. Ingram Micro, Inc., No. 99-185 TUC ACM, 2000 U.S. Dist. LEXIS 7299, at *6 (D. Ariz. Apr. 18, 2000) (construing “physical damage” beyond “harm of computer circuitry” to encompass “loss of access, loss of use, and loss of functionality”).

[9] Se. Mental Health Ctr., Inc. v. Pac. Ins. Co., 439 F. Supp. 2d 831, 837-39 (W.D. Tenn. 2006) (finding coverage under business interruption policy for computer corruption); see also Scott N. Godes, Ensuring Contingent Business Interruption Coverage, Law360 (Apr. 8, 2009), http://insurance.law360.com/articles/94765 (discussing coverage under first party policies resulting from third party interruptions).

[10] For example, in Retail Ventures, Inc. v. National Union Fire Insurance Co., No. 06-443, slip op. (S.D. Ohio Mar. 30, 2009), the court held that a crime policy provided coverage for a data breach and hacking attack.

[11] See, e.g., Computer Corner, Inc. v. Fireman’s Fund Ins. Co., 46 P.3d 1264, 1266 (N.M. Ct. App. 2002).

[12] See, e.g., Claire Wilkinson, Is Your Company Prepared for a Data Breach?, Ins. Info. Inst., at 20 (Mar. 2006), http://www.iii.org/assets/docs/pdf/informationsecurity.pdf (discussing the Insurance Services Office, Inc.’s endorsement for “electronic data liability”).

[13] See Eyeblaster, Inc. v. Fed. Ins. Co., 613 F.3d 797 (8th Cir. 2010).

[14] See, e.g., Harsco Corp. v. Scottsdale Ins. Co., No. 49D12-1001-PL-002227, slip op. (Ind. Super. Ct. Apr. 26, 2011).

[15] See MBIA, Inc. v. Fed. Ins. Co., No. 08 Civ. 4313, 2009 WL 6635307 (S.D.N.Y. Dec. 30, 2009).

[16] See Eyeblaster, 613 F.3d at 804.

Update: This post also has been put online over at DoS-Attacks.com. You can see the post by clicking here.

Second update: This post also has been put online at the Lexis Insurance Law Community. You can see the post by clicking here.

Third update: This post also has been put online on the Blog Notions insurance blog. You can see the post by clicking here.

Fourth update: This post also has been put online on Core Compass. You can see the post by clicking here (registration required).

Disclaimer:

Information Today quotes me in “Enterprises turn to data breach insurance.”

Posted on April 28, 2011 by Scott Godes Leave a comment

Information Today recently published Enterprises Turn to Data Breach Insurance. The article, by Kurt Schiller, has a great discussion about data breaches, the types of companies potentially affected by data breaches, and what insurance coverage options are available for data breaches. The article contains a series of quotes from me on insurance coverage for all of those issues. It also quotes Jim Whetstone, senior vice president of U.S. technologyand privacy manager for insurance firm Hiscox, Inc.

The article may be found here. It is behind a paywall, so you must be a subscriber to access it. The Information Today website notes: “Articles in this issue of Information Today will be available later this month in a variety of formats — Preview, Full Text, Text+Graphics, and Page Image PDF — on a pay-per-view basis, courtesy of ITI’s InfoCentral.”

Disclaimer:

Risk & Insurance Magazine quotes me in: “Surprised That All Data Is Sacred”

Posted on April 20, 2011 by Scott Godes Leave a comment

In Surprised That All Data Is Sacr ed, Matthew Brodsky, senior editor/Web edition of Risk & Insurance®, wrote an interesting article about data breaches, insurance for data breaches, cyberinsurance coverage issues, and the Epsilon data breach.

Of course, my favorite part is the place where he quotes me about the issue of cyberinsurance policies:

With such a difference between one carrier’s cyberpolicy and another’s, the market is the “Wild West of insurance,” according to Scott Godes, [formerly] the Washington, D.C.-based counsel in Dickstein Shapiro’s Insurance Coverage Practice.

“There’s such a variety in the marketplace for cyber coverages,” he said.

There is more interesting discussion that goes on in the article, including comments from the CEO of a managing general underwriting agency, the person who runs the technology errors and omissions division at an insurance company, and others.

Disclaimer:

Learn About Additional Insured Issues And Indemnification Agreements And Get CLE!

Posted on March 14, 2011 by Scott Godes One comment

Is your company an additional insured under another company’s insurance policies? Does your company issue certificates of insurance? Do you deal with indemnity agreements? Do you know whether indemnity agreements are covered by insurance? Would you like to learn the answers to these questions? Of course you would.

You’d like to hear about this from a commercial litigator and insurance coverage attorneys, wouldn’t you?

Plus, you’d like CLE credit for listening, wouldn’t you?

Well, say no more!

If you’re looking for all of that and more, organized and hosted by my good friends at HB Litigation Conferences, please join me for the:

Additional Insured Issues & Indemnification Agreements Teleconference

Date: April 14, 2011
Time: 2:00-3:40 PM, ET
Price: $169*
CLE Credit: 1.5-2 CLE Credits

Indemnification agreements

May a company be indemnified for its own negligence?

Additional insured coverage

How does a company become an additional insured?

What is the scope of additional insured coverage?

Who pays the deductible?

Is there insurance coverage for contractual indemnity agreements?

Assumption of liability

How does it differ from an indemnity agreement?

Does it survive a bankruptcy?

3:30 Question and Answer Session

3:40 Adjourn

Faculty
Timothy Delahunt, Esq., Kenney Shelton Liptak Nowak LLP, Buffalo, NY
Scott Godes, Esq., [formerly] Counsel Dickstein Shapiro LLP, Washington, DC
Michael Kurtis, Esq., Nelson Levine deLuca & Horst, Blue Bell, PA
Adam Shienvold, Esq., Eckert Seamans Cherin & Mellott, LLC, Harrisburg

Register Now!

Download the Registration Form and mail/fax/email it to us or call us at (484) 324-2755.

*This is valid for only one connection per firm/company location. Multiple attendees can listen in to the conference on that one connection for no additional charge (an additional CLE fee of $25 per additional listener will apply for those pursuing CLE credit, names required in advance). If more than one connection is used, you will be billed after the conference $169 per each additional connection used.

Disclaimer:

Note: as a speaker at the conference, I will not be charged a fee related to the conference.

“Is Your Company Prepared for Cyber Risk?”

Posted on March 7, 2011 by Scott Godes 2 comments

Looking for a great article discussing cyber risk, the costs of cyber risk and data breaches, how companies and corporate boards are dealing with cyber risk, and a discussion about cyber insurance? Then you should click here, to read a great article in Corporate Board Member Magazine, written by Chris Costanzo, “Is Your Company Prepared for Cyber Risk?”

The article’s lede is:

If directors think about cybercrime at all, they are apt to consider cases like Heartland Payment Systems or TJX Cos., in which hackers exposed millions of customer records. Actually, they should be contemplating Google, which accused an electronic spy ring based in China of unleashing sophisticated cyber attacks against its computer systems early last year.

The Google case is emblematic of a new type of cybercrime that is stealthier and potentially more harmful than the massive data breaches that were front-page news a few years ago. When hackers steal customer data, they do it quickly and move on, leaving companies with the administrative hassle of notifying customers.

It goes on to quote several thought leaders on cyber risk, including people who consult on cyber risk, remediation for data breaches and cyber threats, and lawyers who work on the area of insurance coverage for cyber risks. Mr. Costanzo was nice enough to quote me in the article:

That’s not to say companies shouldn’t explore other options. “If you haven’t bought a cyber policy, you should absolutely look to other policies to see what other coverage could be available there,” says Scott Godes, [formerly] counsel at Washington, D.C.-based Dickstein Shapiro. Existing case law backs up the use of general liability or errors and omissions policies to cover cyber breaches, Godes says. “But I would be loathe to say, ‘Don’t buy a cyber policy,’ particularly as insurance companies get more savvy,” he adds.

The entire article is a great read if you have an interest in cyber security and cyber risk. Click here to read the entire article, “Is Your Company Prepared for Cyber Risk?”

Disclaimer:

Join me for the Second Annual NetDiligence® Cyber Risk & Privacy Liability Forum!

Posted on February 9, 2011 by Scott Godes One comment

Want to learn about cybersecurity, cyberinsurance, privacy liability, cyberrisk, and other issues relating to privacy and network security, and insurance coverage for those risks? Of course you do.

And you want to hear this from people who are recognized throughout the industry, including brokers selling cyberinsurance, underwriters writing and selling the coverage, and insurance attorneys who handle the claims and write coverage opinions about the risks, don’t you? Of course!

What’s that, you want all of that, and CLE credit, too? Done.

If you’re looking for all of that and more, organized and hosted by my good friends at HB Litigation Conferences, please join me for the:

NetDiligence® Cyber Risk & Privacy Liability Forum

Date: June 9-10, 2011
Location: The Union League, 140 South Broad Street, Philadelphia, PA
Chairs: Richard Bortnick, Esq., Cozen O’Connor, West Conshohocken, PA
Oliver Brew, Senior Vice President of Technology – Media and Telecoms Underwriting, Hiscox USA, New York
Toby Merrill, VP & National Privacy, Technology & Media Liability Product Manager, ACE Professional Risk
Meredith Schnur, Professional Risk Group, Wells Fargo Insurance Services USA, Inc., New York

Delegate Rates

Attorneys: $1,195**; Insurers & Brokers: $895**; Risk Managers and CFOs: $795**

Agenda and Speakers

Register Now! Conference Venue and Hotel

The Union League is located at 140 South Broad Street, Philadelphia. A block of rooms has been secured for Wednesday, June 8th and Thursday, June 9th at a rate of $189 for a standard room and $239 for a suite. The rate includes complimentary breakfast for (2) guests per room, use of our fitness center and complimentary internet. For reservations, please call 215-587-5570 and refer to the HB LITIGATION CONFERENCE room block. If you have any questions or need assistance, please contact Cyndy Noonan at cyndy.noonan@litigationconferences.com or 484-324-2755×201.

Group Discounts

Group Discounts are available. Please contact Brownie Bokelman at 484-324-2755 x212 or Brownie.Bokelman@litigationconferences.com. Groups of 5+ and Passport Packages are available for additional savings for your firm’s practice group or legal department or for package pricing for a single conference or a series of conferences.

My panel will be:

GL vs. Network Security

GL underwriter panel topic, GL vs. AIPI claims

Other’s insurance & concurrent insurance

Forgotten insurance agreement-when does adv.
injury under a GL stop and where does injury begin
under media policy

Coverage and how the policies respond

Moderator: Thomas Srail, Senior Vice President-Willis Executive Risks, Willis North America
Shannon Giese, Financial Services Group–Professional Risk Solutions, A Division of Aon Risk Services Northeast, Inc.
Scott Godes, Esq., [formerly] Dickstein Shapiro LLP
Richard Reed, Vice President & Worldwide Commercial Errors and Omissions Product Manager, Chubb Specialty Insurance, Warren, NJ

Disclaimer:

Note: as a speaker at the conference, I will not be charged a fee to attend the remainder of the conference.

Video interviews for RiskCommunities, TechRisk Institute regarding cybersecurity, privacy, and cyberinsurance.

Posted on February 3, 2011 by Scott Godes Leave a comment

Julie Davis of Risk Communities recently asked me to speak with her about insurance coverage for cybersecurity claims, data breaches, and other cyberrisks. Julie did video interviews of me and uploaded them to the Risk Communities video channel.

Here’s how Risk Communities introduced me:

“Last year we introduced our broadcast channel, with the idea of highlighting business professionals, and topics, that are impacting business and risk management issues for the technology industry. Scott Godes as volunteered his time to help our followers understand insurance and risk management challenges and trends in Network, Privacy and Security risks.”

There are two video clips. We discuss litigation trends in the area of insurance coverage for cybersecurity, various types of insurance coverage for cybersecurity, risk transfer for cyberrisks, and data and network privacy issues.

Here’s my video interview: “Overview of Network, Security & Privacy Exposures and Risks”

Here’s my video interview: “Overview of Litigation and Trends in Network, Security & Privacy Risks”

Disclaimer:

“Computer and Funds Transfer Fraud Endorsements Issues in Data Breach Claims”

Posted on December 29, 2010 by Scott Godes 3 comments

Is there insurance coverage for a data breach under a crime policy that has a computer and funds transfer fraud endorsement? Yes, I explain in my latest article. In “Computer and Funds Transfer Fraud Endorsements in Data Breach Claims,” published in the January 2011 edition of e-Commerce Law & Strategy, I detail an Ohio federal court decision that held such an endorsement under an AIG crime policy provided coverage for a data breach.

Here is the piece available to the public without a subscription at the e-Commerce Law & Strategy site:

January 2011

Computer and Funds Transfer Fraud Endorsements Issues in Data Breach Claims

By Scott N. Godes

If your e-commerce company were to suffer a data breach, do you know that there is insurance coverage for related costs under some commercial crime-insurance policies? It is so. An Ohio federal court has held that a computer and funds transfer fraud endorsement in an AIG commercial-crime policy provides coverage for a data breach.

Note that the site requires a subscription to view the article.

Update: A version of the text of the article is available by clicking here.

Disclaimer:

My Chapter on Insurance Coverage for Cybersecurity and Intellectual Property Claims Now Available in the New Appleman Law of Liability Insurance Treatise

Posted on December 8, 2010 by Scott Godes One comment

Looking for a treatise on insurance coverage? How about one that has an entire chapter on insurance coverage for cybersecurity and intellectual property claims and risks?

Remember when I wrote that I had written a chapter on insurance coverage for cybersecurity and intellectual property claims for the New Appleman Law of Liability Insurance Treatise? Of course you do. And you probably were wondering, “When will I be able to buy that treatise, so that I can have it on my bookshelf and refer to it regularly for all of my questions about insurance coverage for cybersecurity and intellectual property claims?!?” Well, here’s your answer. The treatise is available on the Lexis website. That’s right! Although you really will want to race right to Chapter 18 – Insurance Coverage for Intellectual Property and Cybersecurity Risks, so that you can read about insurance for data breaches, DDoS attacks, viruses, hackers, cybercrime, and IP losses, you’ll get the whole treatise, too. It’s a five volume looseleaf set that gets updated with supplements.

So what are you waiting for? Click here to order your very own treatise.

Disclaimer:

Join me at the ACI Bad Faith Litigation Conference!

Posted on November 29, 2010 by Scott Godes 2 comments

Tomorrow, I’ll be speaking at the ACI Bad Faith Litigation Conference in Orlando, Florida. I will be giving the View from the Policyholder’s Bar on bad faith claims. Here are additional details about the conference:

Tuesday, November 30 to Wednesday, December 01, 2010

Hyatt Regency Grand Cypress, Orlando, Florida, United States

Why do so many defense counsel, plaintiff attorneys and in-house insurance professionals attend this event every year?

Because this unique event combines a multi-disciplinary, cross-country faculty from both sides of the issue, making it the event the industry relies on to get practical strategies for resolving coverage disputes, mitigating risk, and gaining the upper-hand in bad faith lawsuits.

Bad faith litigation claims are on the rise and showing no signs of slowing down. With juries returning larger than ever verdicts, the stakes are high for plaintiffs and defendants alike. Never has there been a more important time for attorneys and in-house professionals to be able to skillfully maneuver through the bad faith litigation process.

At American Conference Institute’s 21st National Advanced Forum on Bad Faith Litigation, the best and the brightest in the bad faith industry will share their insights and winning strategies on critical issues. Featuring:

A judicial panel with jurists from around the country;

A keynote address from insurance commissioners in two “hotbed” states;

An in-house counsel and claims examiner panel; and

Insights from the policyholders’ bar

No other conference in the industry allows you to interact with the leaders in the industry while hearing the theories and defenses that can turn cases for or against you!

Litigators who specialize in bad faith should attend this conference to get practical strategies and exchange tactics with some of the most successful lawyers in the country who bring and defend these cases regularly. Panels will shed light on the most effective ways to utilize the pleading stages to glean an advantage, developing evidence with an eye towards structuring dispositive motions, implementing credible case themes and properly managing discovery, among others.

In-house counsel and claims professionals know that as fast as insurance companies are responding to allegations of bad faith and implementing procedures to protect themselves from further litigation, plaintiffs’ counsel are creating new strategies for bringing – and winning – bad faith claims. Insurance professionals need to be at this conference to gain insights on new plaintiffs’ approaches and defense arguments so they can think strategically and proactively work to reduce bad faith claims.

This conference will provide even the most seasoned professionals with confi dence and clarity on today’s paramount bad faith issues facing the insurance industry. Come prepared with your most important and pressing questions and concerns to get the most out of this interactive conference.

Plus, add value to your attendance by also registering for our pre- and post-conference workshops:

A. Current Events In Bad Faith: The Gulf States
November 29, 2010 | 2:00 p.m. – 5:00 p.m.

Post-Conference Concurrent Workshops on Bad Faith Hotbeds
December 1, 2010 | 2:30 p.m. – 5:30 p.m.

B. Florida C. California D. Pennsylvania

Want to join me there? Then click here to register.

.
Disclaimer:

Note: as a speaker at the conference, I will not be charged a fee to attend the remainder of the conference.

AgentsOfAmerica.ORG features my post: “Insurance Coverage for Cyberattacks and Denial-of-Service Incidents”

Posted on October 8, 2010 by Scott Godes Leave a comment

If your business suffered losses from a cybersecurity incident, a denial-of-service attack, or some other computer-, network-, or internet-related event, would you know whether your insurance would cover the losses? If your insurance company denied your claim, would you know whether the insurance company had done so properly?

Well, if you’d like some additional thoughts on these issues, check out my post at the AgentsOfAmerica.ORG website. They posted my piece titled, “Insurance Coverage for Cyberattacks and Denial-of-Service Incidents” and also featured it in their newsletter. In my post, I discuss insurance coverage for cyberattacks, cybersecurity events, denial-of-service (DDoS) attacks, and more. I note a couple of recent cases finding in favor of insurance for these sorts of events under commercial general liability (CGL) insurance policies as well as new cyber insurance policies.

So head over to the AgentsOfAmerica.ORG site and check out my post to see more!

Disclaimer:

Join me at the First Party Claims Conference!

Posted on October 3, 2010 by Scott Godes One comment

On October 19 and 20, 2010, I’m going to be presenting at the First Party Claims Conference in Warwick, Rhode Island.

What’s the First Party Claims Conference, you ask? Well, the website describes the event as:

The 2010 FIRST PARTY CLAIMS CONFERENCE (FPCC) on October 18-20 in Warwick, Rhode Island is the insurance event that offers the maximum amount of education and CE credits for a minimal investment of time and money.

And who doesn’t like getting the “maximum amount of education” for the “minimal” amount of time and money? There will be 21 educational sessions and 39 presenters. The conference is open to everyone in the insurance claims community: accountants, adjusters, agents, attorneys, brokers, consultants, engineers, vendors/suppliers and others.

The title of the presentation that I will be making with Darrell Hamer is:

Contingent Business Interruption Insurance – Will You Be Covered When Bad Things Happen To Other People? Scott Godes, Esq., [formerly] of Dickstein Shapiro LLP and Darrell Hamer of Property Claim Advisory Services Corporation

You do remember what contingent business interruption insurance is, don’t you? What’s that, you need a refresher? Well, click here and read all about it! Then register for the conference. Our panel is going to be great. We’re going to give tips and details based on first hand, real world experience in pursuing coverage for contingent business interruption claims.

Disclaimer:

Note: as a speaker at the conference, I will not be charged a fee to attend the remainder of the conference.

Corporate Insurance Blog is one of the Top 50 Insurance Blogs for 2009!

Posted on August 17, 2010 by Scott Godes 2 comments

I’m excited to let you know that the Corporate Insurance Blog has been listed as one of the Top 50 Insurance Blogs for 2009. You know, it was an honor to be nominated, as all of the people at awards shows say, but come on, it’s even better to win!

Thanks very much to my friends at Lexis for the honor and the award.

Here, in relevant part, is how Lexis described the process:

After some very careful review and a great deal of deliberation, the LexisNexis Insurance Law Community has selected its Top 50 Insurance Blogs for 2009.

We’d like to express gratitude to our Community members for your comments and suggestions. All of you submitted many of the new names on the 2009 Top 50 list and we thank you for infusing so much fresh talent into our Community. We also want to specially thank the LexisNexis Insurance Law Advisory Board for giving us their input.

These top blogs offer some of the best writing out there. They contain a wealth of information for all segments of the insurance industry, and include timely news items, expert analysis, practice tips, frequent postings and helpful links to other sites and sources.

Demonstrating on a daily basis that insurance makes the world go round, these blogs also show us how insurance issues interact with politics and culture. These sites also demonstrate the power of the blogsphere, by providing a collective example of how bloggers can—and do—impact and influence the law and the business of insurance.

Here is how they described the Corporate Insurance Blog on the list of awardees:

Corporate Insurance Blog – https://corporateinsuranceblog.com/

Written and Maintained by Scott Godes

This blog is for corporate policyholders, risk managers, and in-house counsel who deal with insurance policies, programs, purchases, renewals, claims, and recovery. It offers a fresh perspective, top notch writing, keen insight, and tackles the tough issues head on.

Many thanks to my friends at Lexis for the recognition, kind words, and the award.

Disclaimer:

Awards

Video clip about insurance coverage for data breaches, from the NetDiligence® Cyber Risk & Privacy Liability Forum.

Posted on August 12, 2010 by Scott Godes One comment

HB Litigation Conferences and NetDiligence hosted the Cyber Risk and Privacy Liability Forum in Philadelphia on June 7 and 8, 2010. During the conference, I was on a panel discussing insurance coverage for data breaches. One of the topics that I covered was whether a Commercial General Liability (CGL) insurance policy provides coverage for data breaches. I argued that it does, and explained why. Here’s a short video clip that my friend Tom Hagy created in which I discuss why there is insurance coverage for data breaches and cybersecurity events.

Click here for the video.

Disclaimer:

Note: as a speaker at the conference, I was not charged a fee to attend the remainder of the conference.

“LexisNexis® Insurance Law Community Podcast featuring Scott Godes . . . on Cyber Liability Insurance Coverage”

Posted on July 23, 2010 by Scott Godes 2 comments

LexisNexis was kind enough to have me record a podcast regarding insurance coverage for cyber liabilities. As LexisNexis states on the Insurance Law Center:

On this edition, Scott Godes discusses the types of cyber liabilities facing companies today, what to do, in terms of insurance, if a cyber incident or data breach occurs and types of policies that provide coverage for a cyber event. Copyright© 2010 LexisNexis, a division of Reed Elsevier Inc. Visit http://www.lexisnexis.com/community/insurancelaw/.

If you’d like to hear the entire podcast, please click here.

Disclaimer:
This blog is for informational purposes only. This may be considered attorney advertising in some states. The opinions on this blog do not necessarily reflect those of the author’s law firm and/or the author’s past and/or present clients. By reading it, no attorney-client relationship is formed. If you want legal advice, please retain an attorney licensed in your jurisdiction. The opinions expressed here belong only the individual contributor(s). © All rights reserved. 2010.

Join me for ACI’s 4th Annual Advanced Forum on Cyber & Data Risk Insurance.

Posted on July 9, 2010 by Scott Godes One comment

Interested in learning more about cybersinsurance and cybersecurity? How about coverage for data breaches, cybersecurity events, and other computer risks? Then please join me for American Conference Institute’s:

4th Annual Advanced Forum on

Cyber & Data Risk Insurance

Monday, September 27 to Tuesday, September 28, 2010

The Helmsley Park Lane Hotel, New York, NY, United States

Cyber and data risk insurance is becoming critical to businesses that operate online, as cyber-attacks are increasing exponentially in terms of frequency, scope, costs and overall impact. With even the best compliance practices in place, it is impossible to guarantee that the private information of consumers and employees will be protected. State Attorneys General and the Federal Trade Commission are becoming more active in investigating and penalizing companies who fail to adequately prevent or respond to a data breach. Additionally, there has been an increase in federal and state legislation and a rise in private actions in the form of mass class actions that are sure to significantly impact this industry.

Demand for cyber and data risk insurance is growing rapidly as businesses are focusing their efforts to address their information risk and data security needs.Broader cyber risk insurance policies have emerged, covering costs relating to responding to a data breach including: notification costs, credit monitoring costs, forensic investigations, call center support, public relations and defense of a claim brought by individuals or federal and state officials.

In light of these risks and exposures, it is critical that you are up to date with the trends in the fast evolving area of cyber and data risk insurance. That is why American Conference Institute developed our successful and well-attended Cyber & Data Risk Insurance Conference in September 2007 and the response in 2008 and 2009 was even better. To those who have attended, come to this 4th annual event — now in New York City — for a revised and updated agenda and to hear from the best and the brightest in the industry, including the FTC, the OTS, the FBI, 2 State Attorneys General and an Assistant Attorney General. For first-time attendees, this conference is your best opportunity to get the tools you need to learn about the new policies, including pricing and negotiating specific coverage, mitigating risks associated with e-business, and to learn strategies so that you can maximize your profitability while minimizing your potential liabilities.

The security and safeguarding of information is vital to protect an organization from financial and reputational loss. This conference is your best opportunity to network with industry insiders, compare products and strategies and to learn valuable information on potential risks and liabilities so that you can put the appropriate insurance protection and risk management practices in place.

Be sure to also register for the Post-Conference Workshop: Negotiating and Drafting Cyber Risk Provisions and Policies

September 28, 2010; 2:00 p.m. – 5:00 p.m.

Back by popular demand with updated content to reflect new developments and additional workshop leaders to walk you through the ins and outs of negotiating and drafting this highly specialized coverage.

Register now by calling 888-224-2480, faxing your registration form to 877-927-1563 or registering online.

Dates:

Mon, Sep 27, 10

Tue, Sep 28, 10

Location:

The Helmsley Park Lane Hotel

New York, NY, United States

My panel, What Policy Holders Are and Should Be Looking for in Cyber and Data Security Coverage, will be covering:

Coverage considerations: What liability and first-party coverages are desirable?

Reasons companies have or have not bought coverage

How standards are evolving in response to new technology threats

Consumer redress: when is it covered and when not?

Coverage for liabilities (including defense and other costs) and first party losses

intentional violations

coverage for electronic and non-electronic loss

Implementing privacy and data security compliance and policies

Disclaimer:

Note: as a speaker at the conference, I was not charged a fee to attend the remainder of the conference.

« Older Entries Recent Entries »

Author Archives: Scott Godes

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Register Now!

Rate this:

Share this:

Rate this:

Share this:

Delegate Rates

Register Now! Conference Venue and Hotel

Group Discounts

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

Rate this:

Share this:

4th Annual Advanced Forum on

Cyber & Data Risk Insurance

Rate this:

Share this: