publications full of ideas
The WannaCry Affair
Three Cyberinsurance Related Tips for Clients

5.18.2017

As we have previously noted, a recent ransomware attack crippled over 75,000 computers in over 100 countries. The “WannaCry” appears to be the largest Ransomware attack to date. However, cyber-experts are already warning of a second, bigger, wave.

Organizations are scrambling to respond to the increasingly ominous threat. However, in our experience, one aspect is frequently overlooked in incident response plans: insurance. Any cyber contingency exercise should factor in the role of insurance. There are three reasons.

First, many policies carry a reporting requirement. Insureds must report the incident, even if coverage is not available. Failure to do so runs the risk of forfeiting future related coverage e.g. in a subsequent Directors & Officers Liability claim arising out of the same incident. For certain “claims made” policies, failure to report a previous incident can void coverage in later policies.

Second, insurers are increasingly offering free or steeply discounted cyber assistance: the digital counterpart to the “preventative medicine” model. Even if an organization has not experienced an incident, it should utilize these resources. A insurer’s practiced eye can identify easily rectified issues – an exercise that could avert a potential catastrophe down the road. Since the personnel detailed to this task specialize in constantly evolving threat, they are better positioned to identify and rectify vulnerabilities than even the most proficient IT department. Since their services have already been paid for through insurance premiums, organizations should call upon them.

Third, organizations should regularly reevaluate their coverage to ensure that it comports with their risk profile. Cyber policies vary widely in what they cover. Is ransomware covered? Business Interruption? One law firm’s coverage claim currently in litigation claims that it lost $700,000 in billables as it struggled to resolve a ransomware issue. What about regulatory investigations? Compliance or contractual costs? The provisions of the policy must align with the realities of the business.

Insurance is no silver bullet. In cybersecurity, there is no such thing. But it is a readily overlooked tool that can help prepare you for the next big one.

Saad Gul and Mike Slipsky, editors of NC Privacy Law Blog, are partners with Poyner Spruill LLP. They advise clients on a wide range of privacy, data security, and cyber liability issues, including risk management plans, regulatory compliance, cloud computing implications, and breach obligations. Saad (@NC_Cyberlaw) may be reached at 919.783.1170 or sgul@poynerspruill.com. Mike may be reached at 919.783.2851 or mslipsky@poynerspruill.com.

Physical Address: 301 Fayetteville Street, Suite 1900, Raleigh, NC 27601

related information

what's new at the firm

WEBINAR EVENT: New CMS ROPs for SNFs and what the term "resident representative" means

2/21/2018

We're partnering with NCHCFA to bring you a new webinar series open to all NCHCFA members. Register now!

Two Poyner Spruill Attorneys Help Work for Tomorrow through Mentor Program at UNC Law

2/20/2018

RALEIGH, NC – Founded in 2016, the McIntyre-Whichard Legal Fellows Program is now in its second year of existence at the University of North Carolina School of Law. The program was founded by two UNC Law School alums and is co-sponsored by the North Carolina Study Center and the UNC Christian Legal Society. The program is named after Poyner Spruill partner and former U.S. Congressman Mike McIntyre and former N.C. Supreme Court Justice Willis Whichard, who are both alums of the university and serve as program mentors.

Poyner Spruill Diversity Committee to host panel discussion with key leaders in the legal field to celebrate Black History Month

2/12/2018

The Poyner Spruill Diversity Committee is celebrating Black History Month by hosting an intimate panel discussion with key leaders who have been successful in the legal field.

Twenty-three Poyner Spruill Attorneys Honored by Super Lawyers in 2018

2/5/2018

RALEIGH, NC – Poyner Spruill is pleased to announce that 16 of its attorneys have been recognized as 2018 North Carolina Super Lawyers and 7 were named as 2018 North Carolina Rising Stars by North Carolina Super Lawyers Magazine.

Poyner Spruill’s Client Service & Strategy Manager to Present at the 2018 Festival of Legal Learning

1/23/2018

RALEIGH, NC – Poyner Spruill’s Manager of Client Service & Strategy, Brandi Hobbs, has been invited to present at the University of North Carolina School of Law’s 2018 Festival of Legal Learning. The festival will take place February 9-10 at The William & Ida Friday Continuing Education Center in Chapel Hill.

Stay up to date with the latest privacy and information security news!