HB Risk Notes Archives

Mitigating Operational Cyber Risk: As Business Technology Changes, So Does Your Risk Profile

December 6th, 2018|Categories: HB Risk Notes|

By Tom Hagy The various risks of doing business in our digitally connected world continue to evolve. So must the approach organizations take in confronting those risks, for failing to do so in the current risk landscape can be far more dangerous than in prior years. I spoke with Nick Galletto, Global Cyber Risk Leader at Deloitte, who traced the evolution of the dangers of doing business in a digitally connected world. Early on, our focus in the cyber risk management space was on how to protect websites from being defaced, he explained. Organizations had to make sure websites were functioning properly, that data was secure, and the integrity was maintained. Galletto went on to say that we’ve moved from an era of compliance and risk management to an era of complexity. From an organization’s perspective, their focus was on making sure the company was compliant with new and evolving regulations, and risk management meant having policies, procedures and effective controls in place. “While compliance [...]

Aon SVP Belfiore on Corporate Cyber Risk

November 1st, 2018|Categories: HB Risk Notes|Tags: board liability cyber, Cyber Risk, d&o claims, directors and officers|

Cyber Risk of Paramount Concern to Corporate Boards Lack of History Remains a Challenge "Cyber security is the most polarizing issue on the corporate board agenda these days," says Anthony Belfiore, SVP and Chief Information Security Officer at Aon. "It has the most potential impact and the most regulatory pressure among all risks companies face. Nothing is more top of mind right now." "You just have to look at the amount of media coverage and the actual realized impacts companies are experiencing. Hundreds of thousands of businesses from big to small are being affected. The entire healthcare system in the UK went down. The impact is tangible. It’s affecting day-to-day operations," he says. “And no one is immune. Board members come from a diverse set of industries, and all are impacted." Why is cyber risk such a hot button for companies versus other types of risks? "The [...]

Cyber Risks Enter a New and Increasingly Vicious Phase

October 31st, 2018|Categories: HB Risk Notes|

For anyone plotting the evolution of cyber risks, the last phase of cyber-attacks was dominated by breaches that resulted in lost or stolen personal or financial data that could then be monetized. The current phase is different. “We have observed a significant increase in the number of disruptive breaches that our clients are dealing with,” says Charles Carmakal, Vice President at Mandiant/FireEye. “These involve destruction, extortion, or public shaming.” How are organizations dealing with this shift? “It’s catching many organizations off guard. Most don’t have a playbook for dealing with extortion,” Carmakal says. “While they may have thought about a ransomware situation, that’s different from the more common type of extortion we are seeing these days, where a threat actor threatens C-level executives or corporate board members with the release of sensitive information.” “Many organizations assume the default is they wouldn’t give into the demands, but when [...]

Foggan & Huggins on Opioid Litigation Defense Coverage

October 31st, 2018|Categories: HB Risk Notes|

Is a drug company that's sued in connection with the manufacture, promotion and distribution of opioids covered by its insurer for defense costs? According to Laura A. Foggan and Michael Lee Huggins of Crowell & Moring, LLP, that determination will come down to whether, in the relevant state, an accident takes place when either the act or the injury was unintentional, or whether an accident occurred if only the act was unintentional. This definition will vary by state, Foggan and Huggins wrote in California Litigation, published by the Litigation Section of the California Bar earlier this year. South Carolina may permit coverage if "either the act or the injury was unintentional," they explained. In Liberty Mutual v. J.M. Smith, the Fourth Circuit held that if a drug company failed to identify and alert regulatory agencies of suspicious drug orders, then there may be a duty to defend. But in [...]

Kenneth Jones of Tanenbaum Keale on Law Firm Tech Development Capabilities

October 16th, 2018|Categories: HB Risk Notes, HB Tort Notes|Tags: data security, law firm clouds, law firm security|

Should Law Firms Should be Able to Develop Custom Technologies? Here is #10 of Jones' Top-10 List. #10. Security. The cloud is great, and generally speaking, companies in this space operate systems in a highly professional manner. However, occasionally one encounters special business needs which call for extensive “above and beyond” levels of security. This could be times a firm is storing financial information, medical records, or other data they wish to absolutely, positively protect. In these situations — under the theory that “no one does things better than I do” —it’s nice to have the option to build super-secure systems with features such as encrypted data within database tables, and to manage the systems with a very small number of highly trusted professionals specifically known by the law firm. Read more of the article posted by Thomson Reuters. Kenneth Jones oversees various aspects of technology at [...]

Protecting Intangible Assets: Risk Transfer Market Yet to Catch Up

October 12th, 2018|Categories: Cyber Risk Litigation, HB Risk Notes|

Intrinsically Intangible. by Giles Harlow, Senior Vice President, Aon (Bermuda) Ltd. In the early 1980's, tangible assets made up around 80% of the value of the S&P 500. Fast forward to today and nearly 85% of the value of the S&P 500 is attributable to intangible assets. However, the risk transfer market has not caught up. According to the Aon/Ponemon report of last year, whilst around 60% of tangible assets (property, plant and equipment) are currently being insured, only 12% of informational assets are. So what gives? If the vast majority of companies' values in 2018 are attributable to intangibles, why are they not transferring those risks? Is it a lack of education on the client side? A lack of innovation in the brokerage community? A lack of understanding or willingness to accept these new risks on the carrier end? Or is it that whilst the marine [...]

Cyber Insurance Policy Language Review: A Deep Dive Into Key Policy Provisions and Important Differences Among Cyber Policies | Oct. 25, 2018 | Now On-Demand!

October 3rd, 2018|Categories: Cyber Risk Litigation, HB Risk Notes, Risk-On-Demand-CLE|Tags: Cyber Risk, cyber risk insurance|

Now Available On Demand PLACE: Your computer or mobile device PRICE: $197 CLE: 1 credit Please send CLE questions to CLE@LitigationConferences.com SPEAKERS: Judy Selby Principal Judy Selby Consulting LLC Scott Godes Partner Barnes & Thornburg Please contact us with any registration questions: Brownie.Bokelman@LitigationConferences.com Kathleen.McFadden@LitigationConferences.com Your registration includes: • A site license to attend this webinar (invite as many people in one location as you can fit around your computer at no extra charge). • Downloadable PowerPoint presentations from our speakers. • The opportunity to connect directly with speakers via email to HBWebinars@LitigationConferences.com • At least one-hour of CLE credit. Produced in collaboration with Judy Selby Consulting LLC Also available as part of your subscription at the Thomson Reuters West LegalEdcenter. What's in your cyber policy? Cyber insurance can provide a lifeline to companies dealing with today’s high stakes and constantly [...]

Financial Services Cyber Risk Information Sharing

September 26th, 2018|Categories: HB Risk Notes|Tags: Cyber Risk, cyber security, cybersecurity, data security, financial data, FS-ISAC, hacking, icrmc, privacy law|

Why We Need to be More Like Apes, Less Like Seagulls By Tom Hagy Featuring Craigg Ballance, Director of Canadian Member Services, FS-ISAC Even before we can walk we are encouraged to share. We’re told to share our things even when we barely have any. Even some wild animals share food and resources – even when those resources are scarce. Some creatures are better at it than others, of course. Apes and lions? Absolutely. Seagulls? All you have to do next time you’re on the beach is toss what’s left of your ham sandwich into the air and see how generous gulls are. People fall into sharing -- and not-fond-of-sharing -- groups, too. Sharing is particularly critical in the financial sector where, while privacy and security regulations command a tight lid on data, global financial institutions are successfully sharing data about cyber risk, says Craigg Ballance, Director [...]

Blockchain: Power to the People

August 28th, 2018|Categories: HB Risk Notes|Tags: blockchain|

Dan Solove, co-founder of the Privacy+Security Forum and professor at GW Law School, just posted an interview with Steve Shillingford, Founder and CEO of Anonyome Labs, a consumer privacy software company. Below is part of just one exchange in the interview. SOLOVE: The Internet has made so many things possible that we couldn’t do in an analog world. Yet, in some ways, the online world seems to lack the capabilities of the offline world. In the offline world, it is much easier to have anonymous transactions. This becomes much more challenging online. How can the online world be made more like the offline world in this regard? SHILLINGFORD: Blockchain technology shifts the balance of power back to people—to individuals—and away from tech giants, governments and data miners. It allows you to transact on your terms, just as you do offline. And it’s not just limited to financial transactions. Put anything on the blockchain [...]

International Cyber Risk Management Conference | April 15-16, 2019 | Toronto

August 22nd, 2018|Categories: Conferences, HB Risk Notes|Tags: cyber insurance, Cyber Risk, cyber security, cybersecurity, data breach, icrmc, privacy law, ransomware, Toronto cyber conference|

Get 10% off with promotion code HB2019 Check out the Agenda and Faculty Date: April 15-16, 2019 Venue: Metro Toronto Convention Centre 255 Front St. West Toronto, ON M5V 2W6, Canada Information Brownie Bokelman Email +1 (484) 844-0437 Ask for the list of attending organizations. Photo: Tom Ridge, the first Secretary of the U.S. Department of Homeland Security and the 43rd Governor of Pennsylvania, speaking at ICRMC in 2017. Join 300 cyber insurance and risk professionals. Learn from a carefully selected faculty. Benefit from the program's impressive Steering Committee. Don't miss this great business opportunity!

Oracle Health Sciences on Pharmacovigilance and Artificial Intelligence

August 22nd, 2018|Categories: HB Risk Notes, HB Tort Notes|Tags: adverse incident, artificial intelligence, drug safety, pharma regulation, pharmacovigilance|

"The potential to use artificial intelligence methods increasingly for the analysis of the increasing amounts of pharmacovigilance data is well understood and many companies are moving (or planning to move) there, and we can predict that routine tasks in pharmacovigilance will in the future be increasingly automated. It will be crucial, however, for regulatory authorities to very clearly provide a position about the use of AI as well as the acceptable level of quality from AI applications. But in parallel with the shaping of those definitions, given the massive increase in their AE case workloads that most companies are currently experiencing, the industry will out of necessity proceed swiftly with the adoption of AI and cloud technologies to reduce their costs and increase their efficiencies. "Like other industries, the pharmaceutical business and in particular the pharmacovigilance field will see a massive change in their processes in the [...]

Courtney Klein on Social Media & Security

August 1st, 2018|Categories: HB Risk Notes|Tags: cybersecurity, data security, social media risk|

A Restructured Paradigm for Corporate Teamwork By Courtney Klein of Soteria Risk Consultants Social media has become an integral part of everyday life. It’s how some of us get our news, research our opinions, learn about local events, and connect with friends. For the modern western business, it is also immensely important for staying in touch with customers, advertising, and overall visibility. For this reason, many companies employ veritable armies of “Social Media Specialists” that do everything from designing graphics to writing tweets to replying to customer questions and complaints. Some companies interact with each other (such as the hilarious and long-standing Twitter Battle between Wendy’s and McDonald's), and some use it as their primary form of communication. Customers, too, know that social media is a way to get in touch with a company - for good reasons and for bad - and while many companies are [...]