cyber security Archives

To Pay or Not to Pay: Does Your Insurance Policy Cover Ransomware Losses? | By Pamela Hans | Anderson Kill
Gallery
To Pay or Not to Pay: Does Your Insurance Policy Cover Ransomware Losses? | By Pamela Hans | Anderson Kill

To Pay or Not to Pay: Does Your Insurance Policy Cover Ransomware Losses? | By Pamela Hans | Anderson Kill

October 26th, 2021|Categories: Cyber Risk, Cyber Risk Litigation, Emerging Litigation & Risk, HB Emerging Law Notes, HB Risk Notes, Journal on Emerging Issues in Litigation|Tags: Cyber Risk, cyber security, cybersecurity, data breach, data security, emerging litigation, litigation, mass torts, torts|

To Pay or Not to Pay: Does Your Insurance Policy Cover Ransomware Losses? Abstract Ransomware attacks are a rapidly growing threat against organizations. Paying ransom demands is a risky proposition and may even lead to sanctions against the targeted company. Either way, the damage to a company’s operation and integrity can be cripplingly severe. Should a company suffer losses from cyber extortion, its insurance company will be one of the resources it turns to for relief. But with cyber coverage increasingly out of reach for some, policyholders may find coverage in more traditional coverages. In this article, the author evaluates the potential for coverage under several policy types, and underscores the importance of understanding policy language, the relevant law, and the potential regulatory ramifications of meeting ransom demands. Author Pamela D. Hans (phans@andersonkill.com) is the managing shareholder of Anderson Kill’s Philadelphia office. Her practice concentrates on insurance coverage exclusively on behalf of policyholders. Pam is also a member of the firm’s COVID Task Group and Cyber Recovery Group. About The Journal on Emerging Issues in Litigation is a co-production of HB, Fastcase, and Law Street Media. You can also hear the complementary (and complimentary) Emerging Litigation Podcast wherever podcasts appear. For questions, contact Tom Hagy, Editor in Chief, at Editor@LitigationConferences.com.

The New York Privacy Act Would Allow Direct Action

June 5th, 2019|Categories: HB Risk Notes|Tags: California Privacy Act, client data protection, Cyber Risk, cyber security, new bill, new york bill, new york privacy act, NY Privacy Act|

The New York Privacy Act, introduced last month by state Sen. Kevin Thomas, advocates for consumer agency over their personal data and would give New Yorkers the right to sue companies directly for privacy violations. Thomas wants companies to put customer data protection ahead of their budgetary and business goals. The bill summary reads: "Enacts the NY privacy act to require companies to disclose their methods of de-identifying personal information, to place special safeguards around data sharing and to allow consumers to obtain the names of all entities with whom their information is shared; creates a special account to fund a new office of privacy and data protection." "Fiduciaries, like an attorney or a doctor, hold onto your information. They don't share it, unless there is a need for the purpose for which they collected it,” Thomas said. “That's not what's going on here with these data companies and these data brokers. They're sharing it, and we're getting targeted.” Pushback from the tech industry has been swift. John Olsen, Director of the Internet Association, said, “The NY Privacy Act, in its current form, is unworkable for businesses that want to comply and fails to provide New York residents meaningful control over how their data is collected, used, and protected." Facebook also chimed in saying they would have to shut down Facebook access [...]

The Cloud: Selected Benefits, Risks, and Insurance Coverage Issues (Part 1) — Barnes & Thornburg

May 6th, 2019|Categories: HB Risk Notes|Tags: BYOC, cloud network, cloud risks, cloud security, cyber networks, cyber security, data, data breach, data cloud, data liability, data loss, data security, employee data, HIPAA, hippa, liability, secure data|

Cloud Risk: Do You Transfer Liability Along with Data? Many of us were using data clouds before we even knew what they were. Now, while most of us are comfortable with the concept, we may not be comfortable knowing who is liable when data is lost, damaged or breached. It's not a given that your cloud provider absorbs any liabilities, and it's not a given they can even afford the liability should it arise. Below are quotes from an article by Scott Godes, Kara Cleary, and Heidi Fessler of Barnes & Thornburg LLP on the subject, and a link to their complete article. Godes, Cleary, and Fessler list several cloud-related risks: data breaches, data loss, interruption of access, compromised credentials and broken authentication, and denial of service. But two other categories for concern are: #1. BYOC, or Bring Your Own Cloud. Employees may be innocently using productivity applications that store work data on non-company clouds, in effect, "bringing their own clouds" to the workplace. #2. Multi-Tenancy. This involves risks posed when unrelated cloud users are sharing the same computing resources. "Both the cloud provider and the user must be aware of system and data security to prevent a breach in the security. In addition, when a risk is realized, it may not always be clear who is at fault for the [...]

Financial Services Cyber Risk Information Sharing

September 26th, 2018|Categories: HB Risk Notes|Tags: Cyber Risk, cyber security, cybersecurity, data security, financial data, FS-ISAC, hacking, icrmc, privacy law|

Why We Need to be More Like Apes, Less Like Seagulls By Tom Hagy Featuring Craigg Ballance, Director of Canadian Member Services, FS-ISAC Even before we can walk we are encouraged to share. We’re told to share our things even when we barely have any. Even some wild animals share food and resources – even when those resources are scarce. Some creatures are better at it than others, of course. Apes and lions? Absolutely. Seagulls? All you have to do next time you’re on the beach is toss what’s left of your ham sandwich into the air and see how generous gulls are. People fall into sharing -- and not-fond-of-sharing -- groups, too. Sharing is particularly critical in the financial sector where, while privacy and security regulations command a tight lid on data, global financial institutions are successfully sharing data about cyber risk, says Craigg Ballance, Director of Canadian Member Services for FS-ISAC in Toronto. But, he says, sharing has to take place across a broad landscape. “Information analysis sharing has to cut across the various subsets of the financial sector,” says Ballance. “While banks share local data, they are trying more and more to share globally, but,” he says, “banks need to share with other institutions, like insurers, investment funds, pension funds, and other types of financial institutions, for this cooperation [...]

International Cyber Risk Management Conference | April 15-16, 2019 | Toronto

August 22nd, 2018|Categories: Conferences, HB Risk Notes|Tags: cyber insurance, Cyber Risk, cyber security, cybersecurity, data breach, icrmc, privacy law, ransomware, Toronto cyber conference|

Get 10% off with promotion code HB2019 Check out the Agenda and Faculty Date: April 15-16, 2019 Venue: Metro Toronto Convention Centre 255 Front St. West Toronto, ON M5V 2W6, Canada Information Brownie Bokelman Email +1 (484) 844-0437 Ask for the list of attending organizations. Photo: Tom Ridge, the first Secretary of the U.S. Department of Homeland Security and the 43rd Governor of Pennsylvania, speaking at ICRMC in 2017. Join 300 cyber insurance and risk professionals. Learn from a carefully selected faculty. Benefit from the program's impressive Steering Committee. Don't miss this great business opportunity!

Francoise Gilbert on Colorado’s New Privacy Law: Are You Ready?

August 1st, 2018|Categories: HB Risk Notes|Tags: colorado privacy law, cyber security, francoise gilbert, privacy security forum|

Effective Sept. 1, 2018, Colorado will require all entities that process or store certain personal information of Colorado residents, regardless of whether the entity is located within or outside of Colorado, to have formal data security and data disposal programs. This is the result of the adoption of Bill 18-1128 “Concerning Strengthening Provisions for Consumer Data Privacy,” signed into law at the end of May 2018, to amend and supplement existing law .... Previously, the definition of “personal identifying information” under the Colorado law was limited to a resident’s first name or initial and last name in combination with the individual’s Social Security, driver’s license, or identification card number, or a credit or debit card or bank account number, combined with a password or access code. The new definition includes additional forms of identification, such as student, military, passport, and health insurance identification number, as well as other types of information, such as medical information or biometric data. It also includes username or e-email address in combination with a password or security question answers that would permit access to an online account .... Organizations that collect personal identifying information of Colorado residents and that do not yet have the written programs necessary to formalize their data protection practices urgently need to focus on compliance. -- Francoise Gilbert, Greenberg Traurig Francoise Gilbert, a partner [...]

RSA’s Zulfikar Ramzan on Blockchain

July 21st, 2018|Categories: HB Risk Notes|Tags: bitcoin, blockchain, cryptographic security, cryptography, cyber security, cyberrisk, rsa security, zulfikar ramzan|

Is blockchain as impenetrable as people think? Or as necessary? It's not predicated on the same type of cryptographic security that we've seen historically, but if someone has enough money and enough motivation -- like a nation state -- couldn't they severely compromise a system? Is blockchain the only way transactional protections can become so secure, or could traditional technologies be employed and with less effort? RSA Security's Chief Technology Officer Zulfikar Ramzan, Ph.D., spoke at our Cyber Sector Risk: Blockchain Security in April 2018 in New York. Hear what he had to say about this much-heralded technology. Related content https://litigationconferences.com/www-litigationconferences-comprivacysecurity-forum-2018-2/ https://litigationconferences.com/international-cyber-risk-management-conference/ https://litigationconferences.com/video-the-urgency-of-cyber-threats-to-u-s-and-global-critical-infrastructures/

International Cyber Risk Management Conference | Dec. 6-7, 2018 | Bermuda

June 23rd, 2018|Categories: Conferences, HB Risk Notes|Tags: bermuda conference, cyber insurance, Cyber Risk, cyber security, cybersecurity, data breach, privacy law, ransomware, reinsurance bermuda|

Register Use promotion code HB2018 and save 10% When Dec. 6-7, 2018 Agenda About Where Hamilton Princess & Beach Club 76 Pitts Bay Road, Pembroke Hamilton Bermuda HM 08 Questions and Sponsorship Opportunities Contact Brownie Bokelman by email or phone. +1 (484) 844-0437 Plan your year-end trip to Bermuda and join global cyber leaders from AIG, Aon, Chubb, Deloitte, Marsh and more. Now in its fifth year internationally . . . . ICRMC is delighted to expand its cyber conference to Bermuda at the invitation of the Bermuda Business Development Agency (BDA). Come learn from experts, networking and share experiences to help you manage the risk and impact caused by a cyber breach. HB is a proud affiliated marketing sponsor of this prestigious event. World class event, with world class cyber leaders ICRMC Bermuda Session Highlights: The CISO Perspective Reinsurance and ILS – Managing Cyber CAT Risk From Blockchain to Crypto-Currency – Cyber Security Implications Employing AI in Cyber Risk Management See full conference agenda at bermuda.icrmc.com ICRMC Bermuda Speakers: Darius Delon, President, Risk Management 101 and Past Chair of RIMS Canada Council Anthony Belfiore, SVP and CSO, Aon Tom Pageler, Chief Security Officer, BitGo Inc Robert Parisi, Managing Director, Cyber Product Leader, Marsh The Hon E. David Burt JP, MP, Premier of Bermuda and Minister [...]

Cyber Security Summit: Seattle | July 19, 2018

May 31st, 2018|Categories: HB Risk Notes|Tags: cyber security, cybersecurity, data breach, privacy law, ransomware|

Registration: $350 Pay just $175 with promo code HB2018 When 7:45am-6pm June 28, 2018 Where The Westin Seattle 1900 Fifth Avenue Seattle Interested in Sponsorship? Email Brownie Bokelman for more info. Check out all the great programs they run around the country and let us know if you're interested! Learn more. HB is proud to announce its association with the annual Cyber Security Summit: Seattle, which connects C-suite and senior executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. Regular admission is $350, but use the HB promo code and get 50% off! It's HB2018. Admission gives you access to all interactive panels, discussions, catered breakfast, lunch and cocktail reception. Agenda Learn more about the sessions on incident response for CISOs, lessons learned about ransomware, and protecting your enterprise from employees and corporate spies. Faculty See who's speaking.

Cyber Security Summit: DC Metro | June 28, 2018 | Tysons Corner

May 30th, 2018|Categories: HB Risk Notes|Tags: cyber security, nsa cybersecurity|

Registration: $350 Pay just $175 with promo code HB2018 When 7:45am-6pm June 28, 2018 Where The Ritz-Carlton Tysons Corner Tysons Galleria 1700 Tysons Blvd. McLean, VA 22102 (703) 506-4300 Interested in Sponsorship? Email Brownie Bokelman for more info. Check out all the great programs they run around the country and let us know if you're interested! Learn more. HB is proud to announce its association with the annual Cyber Security Summit: DC Metro, which connects C-suite and senior executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. Regular admission is $350, but use the HB promo code and get 50% off! It's HB2018. Admission gives you access to all interactive panels, discussions, catered breakfast, lunch and cocktail reception. Agenda Learn more about the sessions on incident response for CISOs, lessons learned about ransomware, and protecting your enterprise from employees and corporate spies. Faculty See who's speaking from the NSA Cybersecurity Threat Operations Center and the Justice Department's National Security Division.

Drug & Device Defense Forum | Oct. 15, 2018 | New York

May 13th, 2018|Categories: HB Tort Notes, Tort Litigation|Tags: Attorney Ethics, CLE, cyber security, cyber security for medical devices, Dechert, demonstrative evidence, drug liability, FDA approval, FDA guidelines, FDA regulation, FDA warnings, goodell devries, jim frederick, jury presentation, lawyers social media, legal ethics, Litigation Financing, litigation funding, mass torts, medical device breach, Medical Device Litigation, medical devices, megan grossman, michelle yeary, personal jurisdiction, pharmaceutical liability, Product Liability, segal mcambridge|

Sorry! This event has been cancelled. We had a good run for several years but all good things and all that. Look for the sessions to magically appear as part of our new webinar series. --Tom Hagy Emerging legal and business issues facing the pharmaceutical and medical device industries. Conference Chairs Megan Grossman Shareholder Segal McCambridge Singer & Mahoney Ltd. Michelle Hart Yeary Of Counsel Dechert LLP James A. Frederick Partner Goodell DeVries Leech & Dann LLP When Oct. 15, 2018 Where Convene Well&, 151 W 42nd St Times Square, New York Sponsors Hotel Accomodations The Knickerbocker Hotel 6 Times Square, SE corner of 42nd & Broadway Weblink Reservations. $325 Premier King For 3 days pre & post conf reservations, contact Jenny Thorpe | 212-204-4976| jthorne@theknickerbocker.com Ask for "HB Litigation" conference rate. Cut-Off Date: Sept 23 CLE This event will be eligible for CLE Conference Registration Rates • $195 for in-house counsel at pharmaceutical, medical device and insurance companies. • $495 for attorneys in private practice • $395 for attorneys from faculty firms (promo code FAC395) Contact Us (484) 844-0437 Send us an Email Speaking Proposals Send us your idea Ideas@LitigationConferences.com Or go online: Faculty Questions: Faculty@LitigationConferences.com Faculty Dinner | [...]

News Release re HB Corporate Counsel and Cyber Risk Programs April 2018

March 21st, 2018|Categories: HB Risk Notes|Tags: Altria, American Airlines, blank rome, blockchain, corporate counsel, Covington & Burling, critical infrastructure, Crowell & Moring, cyber security, cybersecurity, Daniel B. Garrie, data breach, Fish & Richardson, IBM, Intersec Worldwide, jackson lewis, Law & Forensics, Microsoft, Oracle, Seiger Gfeller Laurie, Sprint, Traub Lieberman, wiley rein|

For Immediate Release | Download PDF Cyber Attacks on U.S. Power Grids, Artificial Intelligence, Autonomous Vehicles and Blockchain Security – Upcoming HB Seminars Address These Hot Topics and More NEW YORK – MARCH 21, 2018 – Many of the most urgent subjects that face corporations, challenge our laws, and change the way we live will be covered during three seminars taking place over two days in New York, April 24 and 25, 2018. The programs are being produced by HB Litigation Conferences and will be held at the Roosevelt Hotel in Midtown. Presenters include representatives from global corporations such as American Airlines, Microsoft, IBM, Intersec Worldwide, Altria, Oracle, Sprint, and RSA Security (now part of Dell Technologies) plus a leading healthcare provider, Christiana Care Health System. The insurance industry will be represented as well, with speakers from Allianz, Marsh, Swiss Re, JLT Specialty, TDC Specialty Underwriters, and Willis Towers Watson. Leading law firms include Blank Rome, Covington & Burling, Crowell & Moring, Fish & Richardson, Jackson Lewis, Traub Lieberman and Wiley Rein. Specialized firms include Law & Forensics, Xpan Law and Seiger Gfeller Laurie. Other speakers come with experience at the FBI, the Justice Department, Homeland Security and the U.S. intelligence community. The three events are: Northeast Corporate Counsel Forum + Live Webstream Tuesday, April 24, 2018 – full day Program chairs: [...]