HB Risk Notes Archives

McLoughlin on Artificial Intelligence in Banking

July 25th, 2018|Categories: HB Risk Notes|Tags: artificial intelligence|

"Capital adequacy requirements are not the only kind of regulation that AI is helping banks to meet. An even bigger area is monitoring of trading activities for misconduct and abuse. The Bank of England estimates that misconduct by traders has cost banks a global cumulative of $320 billion to date. For this very large reason, banks are aggressively deploying machine learning to monitor the behavior of their traders and detect unusual behavior." Read Michael McLoughlin's post on LinkedIn. Michael McLoughlin is Global Digital Transformation Partner & Advocate with Microsoft.

Joshua Gold on Cyber Crime and Insurance

July 24th, 2018|Categories: HB Risk Notes|

With the amount of trickery going into thefts and embezzlements these days, crime insurance companies too often use the many steps involved in a fraudulent scheme to argue that losses are indirect and otherwise uncovered. The recent decisions of the Second Circuit and Sixth Circuit on the “direct loss” argument and the scope of computer fraud coverage are important victories for policyholders generally, making clear that where the predominant step in the chain is some type of covered fraudulent misconduct involving a computer, a court is not going to entertain a direct loss defense to excuse the insurance company from paying. As such, policyholders should be familiar with their crime coverage and promptly notify all potentially implicated lines of insurance coverage when a cybercriminal is afoot. -- Joshua Gold, Anderson Kill Read Josh's complete article. Joshua Gold is Chair of Anderson Kill’s Cyber Insurance Recovery Practice and was amicus counsel for United Policyholders in the Medidata Solutions, Inc. v. Federal Insurance Company case before the Second Circuit.

Halligan, Weyland on Cybersecurity, Trade Secret Asset Management and the Defend Trade Secret Act of 2016

July 23rd, 2018|Categories: HB Risk Notes|Tags: Cyber Risk, cybersecurity, Defend Trade Secrets Act|

"Cybersecurity protection against outsider theft has largely succeeded, if competently crafted business methods are strictly followed. The more intractable problem of insider theft is now the major concern, and traditional cybersecurity methods are unavailing. The ever-higher digital barriers placed around the corporation and its sensitive data are no defense against data theft by people allowed inside the digital walls in the normal course of business." Read their complete post on LinkedIn. R. Mark Halligan is a Partner and Trial Lawyer at FisherBroyles, LLP. Mr. Halligan has taught Advanced Trade Secrets Law in the John Marshall Law School LLM program for 24 years. Richard F. Weyand is the President of the Trade Secret Office, Inc. www.thetso.com See R. Mark Halligan and Richard F. Weyand Trade Secret Asset Management 2018: A Guide to Information and Asset Management Including RICO and Blockchainavailable on Amazon. https://www.amazon.com/dp/0997070986

Willis Towers Watson: Cyber Risk Top D&O Concern

July 22nd, 2018|Categories: HB Risk Notes|Tags: Cyber Risk, cyberrisk, directors and officers|

Based on their survey, Willis Towers Watson says cyber risk continues to top the list of concerns for directors and officers (right up there with employee claims). As for coverage, while they care about price, things like their relationship with the carriers and how well they handle claims are critical elements. And, maybe one key reason cyber events keep happening: "Only 13% of board members feel that their organizations learn from past cyber mistakes." Read the results of the Willis Towers Watson survey.

RSA’s Zulfikar Ramzan on Blockchain

July 21st, 2018|Categories: HB Risk Notes|Tags: bitcoin, blockchain, cryptographic security, cryptography, cyber security, cyberrisk, rsa security, zulfikar ramzan|

Is blockchain as impenetrable as people think? Or as necessary? It's not predicated on the same type of cryptographic security that we've seen historically, but if someone has enough money and enough motivation -- like a nation state -- couldn't they severely compromise a system? Is blockchain the only way transactional protections can become so secure, or could traditional technologies be employed and with less effort? RSA Security's Chief Technology Officer Zulfikar Ramzan, Ph.D., spoke at our Cyber Sector Risk: Blockchain Security in April 2018 in New York. Hear what he had to say about this much-heralded technology. Related content https://litigationconferences.com/www-litigationconferences-comprivacysecurity-forum-2018-2/ https://litigationconferences.com/international-cyber-risk-management-conference/ https://litigationconferences.com/video-the-urgency-of-cyber-threats-to-u-s-and-global-critical-infrastructures/

Judy Selby on Improving Cyber and Privacy Board Reporting

July 19th, 2018|Categories: HB Risk Notes|Tags: board liability, cyber insurance, Cyber Risk, D&O Liability|

"While general awareness of cyber risks among corporate boards is increasing, even the most motivated and knowledgeable directors cannot effectively fulfill their duties without receiving appropriate data about the organization’s risk profile. Unfortunately, however, there appears to be a disconnect between management and boards when it comes to cyber risk reporting . . . In order for directors to effectively discharge their duty of active, informed, and engaged oversight, the information they receive must be relevant, understandable, reliable, and objective." Judy Selby, JD Judy Selby Consulting Read the full article and Judy's tips for improving board reporting. Judy Selby of Judy Selby Consulting

BitSight Releases eBook on Use of A.I. & Big Data in Continuous Cyber Risk Monitoring

July 18th, 2018|Categories: HB Risk Notes|Tags: bermuda cyber conference, bitsight, cyber insurance, Cyber Risk, cyber risk management, data breach, data security, icrmc|

"With every reported data breach or cyberattack, the cyber risk landscape gets a little more complex. Cyber criminals create new attack vectors, cybersecurity professionals develop new controls to protect their systems, the criminals get to work circumventing the controls, and so on.The result of this back and forth is that cyber risk professionals have a huge variety of risk factors to worry about. In response, risk managers and security specialists need to develop extremely complex cybersecurity programs to make sure all of their bases are covered. "With so many cybersecurity risks to consider, it’s inevitable that some will receive less attention than they deserve. Unfortunately, these overlooked risk factors could play a role in your next cyberattack, and if your financial services firm isn’t prepared, that could be extremely costly." Read more. We're looking forward to seeing the BitSight team in Bermuda Dec. 6-7, 2018, at the International Cyber Risk Management Conference.

Crowell & Moring on Insurance for Autonomous Vehicles Accidents

July 17th, 2018|Categories: HB Risk Notes|

"As responsibility for accidents shifts away from drivers and towards the companies that design, manufacture, and maintain autonomous vehicles, the pool of companies potentially liable for accidents will deepen.Companies need to consider potential liability risk when designing autonomous vehicle-related systems and partnering with other companies." Another good piece from the team Crowell & Moring LLP

Crowell & Moring on D&O Corporate Liability for Cyber Claims

July 17th, 2018|Categories: HB Risk Notes|

"Although many commentators have noted the potential exposure for cyber claims in the form of shareholder actions under D&O coverage, little attention has been given to the risks of cyber exposure under Side C [D&O corporate liability] coverage," write Laura A. Foggan and Thomas Kinney of Crowell & Moring LLP. "D&O policies contain many exclusions and coverage limitations that should protect against undue, unintended expansion of such policies to encompass cyber risks. However, as this case illustrates, courts may not always agree that those coverage limitations fully address cyber breach exposures."

CBD: Confusing Regulations May Soon Find at Least Some Clarity — But Proceed With Caution

July 16th, 2018|Categories: HB Risk Notes|Tags: cannabidiol, cannabis law, hemp products, medical marijuana|

By Tom Hagy July 16, 2018 Proponents say the medical benefits are many and magnificent. You can feel better without feeling stoned. While that will be disappointing to some, people enduring a variety of ailments may find relief, proponents and some studies say. From inflammation to pain to anxiety. From arthritis to alcoholism to diabetes. From psychoses to seizures. Cannabidiol may cure what ails you. And in many cases the science is there, even studies sponsored by the government, say the folks at Project CBD. While the regulations vary from state to state, and the definitions can be confusing, clarity is coming for at least the hemp-derived variety of products – as opposed to its sister cannabis plant, marijuana – with the likely passage of Senate Majority Leader Mitch McConnell’s Hemp Farm Bill. The measure is also noteworthy because it has drawn rare bipartisan support. CBD can be found in just about anything, from skin care products to pain medications to anti-seizure drugs—even beer. Companies, including large retailers, like Target, have tried to sell or are selling products containing CBD online or across state lines. While small compared to the marijuana industry, CBD is on a serious growth trajectory. “Spending on legal cannabis worldwide is expected to hit $57 billion by 2027,” according to an article at Forbes.com, written by Thomas Pellechia, [...]

CBD: Legal or Not? | Webinar | Aug. 16, 2018 | 2pm

July 13th, 2018|Categories: HB Risk Notes|Tags: cannabidiol, CBD, Epidiolex, Harris Bricken|

DATE: Thursday, Aug. 16, 2018 TIME: 2 p.m. EDT; 1 p.m. CDT; 12 p.m. MDT; 11 a.m. PDT PLACE: Your computer PRICE: $197 per dial-in site (unlimited attendance at one location) through Aug. 3, $247 thereafter Register by Aug. 3 and save! For more information, email leslie.davidson@litigationconferences.com. Your webinar registration includes: • A site license to attend this webinar (invite as many people in one location as you can fit around your computer at no extra charge). • Downloadable PowerPoint presentations from our speakers. • The opportunity to connect directly with speakers during the audience Q&A session. • At least one-hour of CLE credit. Speakers Daniel Shortt Harris Bricken Seattle Alison Malsbury Harris Bricken San Francisco With so many studies coming out on the benefits of CBD, a lot of people and companies see tremendous market opportunities and are diving in. Whether derived from industrial hemp or marijuana, these days CBD can be found in just about anything, from skin care products to pain medications to anti-seizure drugs—even beer. Companies, including large retailers like Target, have tried to sell or are selling products containing CBD online or across state lines. But determining the legal status of CBD isn’t easy. Because CBD is a cannabis derivative, the biggest question, of course, is whether or not it’s even legal [...]

California Enacts the ‘First Truly Sweeping Privacy Regime’ in Record Time

July 5th, 2018|Categories: HB Risk Notes|Tags: California Consumer Privacy Act of 2018, consumer privacy, privacy law|

The California legislature -- apparently not wanting to be pegged as just another slow-moving governing body -- took the California Consumer Privacy Act of 2018 from proposal to passage to signing in one week. Critics weren't sitting on their hands either. "Businesses Blast California’s New Data-Privacy Law," read one headline in the Wall Street Journal. For consumers, Californians anyway, the good news is that they can refuse to allow companies to sell their personal data. But, the WSJ reported, business across the country say the law will cause "far-reaching damage to everything from retailers’ customer-loyalty programs to data gathering by Silicon Valley tech giants." Law firms are cranking out their advisories and analyses. Sullivan & Cromwell says the CCPA establishes a new privacy framework for covered businesses by: "Creating an expanded definition of personal information for purposes of the Act; "Creating new data privacy rights for California consumers, including rights to know, access, have deleted and opt out of the sale of their personal information; "Imposing special rules for the collection of consumer data from minors; and "Creating a new and potentially severe statutory damages framework for violations of the Act and for businesses that fail to implement reasonable security procedures and practices to prevent data breaches." The firm also offered a quick comparison between the CCPA and the GDPR. "At a high [...]