• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar

McCarter & English Logo

  • People
  • Services
  • Insights
  • Our Firm
    • Leadership Team
    • Social Justice
    • Diversity, Equity & Inclusion
    • Pro Bono
    • Client Service Values
    • Alumni
  • Join Us
    • Lawyers
    • Summer Associates
    • Patent Professionals
    • Professional Staff
    • Job Openings
  • Locations
    • Boston
    • Philadelphia
    • East Brunswick
    • Indianapolis
    • Stamford
    • Hartford
    • Trenton
    • Miami
    • Washington, DC
    • New York
    • Wilmington
    • Newark
  • Share

Share

Browse Alphabetically:

  • A
  • B
  • C
  • D
  • E
  • F
  • G
  • H
  • I
  • J
  • K
  • L
  • M
  • N
  • O
  • P
  • Q
  • R
  • S
  • T
  • U
  • V
  • W
  • X
  • Y
  • Z
  • All
Bankruptcy, Restructuring & Litigation
Blockchain, Smart Contracts & Digital Currencies
Business Litigation
Cannabis
Coronavirus Resource Center
Corporate
Crisis Management
Cybersecurity & Data Privacy
Delaware Corporate, LLC & Partnership Law
Design, Fashion & Luxury
E-Discovery & Records Management
Energy & Utilities
Environment & Energy
Financial Institutions
Food & Beverage
Government Affairs
Government Contracts & Global Trade
Government Investigations & White Collar Defense
Healthcare
Hospitality
Immigration
Impact Investing
Insurance Recovery, Litigation & Counseling
Intellectual Property
Labor & Employment
Life Sciences
Manufacturing
Products Liability, Mass Torts & Consumer Class Actions
Public Finance
Real Estate
Renewable Energy
Sports & Entertainment
Tax & Employee Benefits
Technology Transactions
Transportation, Logistics & Supply Chain Management
Trusts, Estates & Private Clients
Venture Capital & Emerging Growth Companies
  • Broadcasts
  • Events
  • News
  • Publications
  • View All Insights
Search By:
Insights News Open Stack
Main image for 5 Tips for Navigating ‘Wild West’ of Cyber Policies
News|Quote

5 Tips for Navigating ‘Wild West’ of Cyber Policies

Law360

3.16.2015

With insurers phasing out coverage for data breaches and other cyber-related risks from traditional policies, policyholders are increasingly turning to specialty cyber insurance products to protect themselves. However, standalone cyber insurance policies offer widely varied coverage, and the market is still a veritable “Wild West,” according to attorneys.

Here, attorneys share tips for insureds to get the most out of specialty cyber policies.

Know Your Limits and Sublimits

Purchasing a cyber policy with adequate limits and sublimits is crucial for policyholders to shield themselves against the full range of cyber risks, attorneys say.

“Do not get comfortable with only a policy’s aggregate limits,” said Sherilyn Pastor, the practice group leader for McCarter & English LLP’s insurance coverage group. “Negotiate sublimits and co-insurance amounts, particularly those related to notification costs and crisis management expenses, so your business has the coverage it needs for risks specific to it.”

Cyber policies can be “chock full” of sublimits for certain types of events or types of losses, Pastor said. A policy may include lower sublimits for costs associated with the initial response to a data breach — such as forensic analysis, notification letters and public relations — and a higher sublimit for costs tied to ensuing class action litigation, according to attorneys.

Negotiate, Negotiate, Negotiate

Policyholders should also beware policy conditions that are “vague and subjective,” such as requirements for maintaining “reasonable” data security measures, Pastor said.

“What is viewed as ‘reasonable’ at the time an insurance policy is placed may be later challenged with the benefit of 20/20 hindsight and as technology becomes obsolete,” she said.

Make It Retroactive

Companies should negotiate for favorable retroactive dates to ensure that a cyber policy covers losses arising from undiscovered breaches that occurred prior to a policy’s purchase, Pastor said. Carriers will offer retroactive coverage for claims made during the policy period for incidents that occurred one, two, five or 10 years before the policy was placed, she noted.

In addition, because hackers can strike from anywhere in the world, companies should ensure that a cyber policy’s coverage territory is universal, according to attorneys.

“If your policy’s coverage territory is limited, you could find yourself without coverage if a hacker carries out an attack from some remote location, or the breach happens while using Wi-Fi on an airplane,” Pastor said.

sidebar

pdfemail

Related People

Media item: Sherilyn Pastor
Sherilyn Pastor

Partner

Related Services

Insurance Recovery, Litigation & Counseling
Subscribe to our Insights
McCarter & English, LLP
Copyright © 2023 McCarter & English, LLP. All Rights Reserved.
  • Login
  • Attorney Advertising
  • Privacy
  • Awards Methodology
  • Contact
  • Subscribe
  • Sitemap

The McCarter & English, LLP website is for informational purposes only. We do not provide legal advice on this website. We can provide legal advice only to our clients in specific inquiries that they address to us. If you are interested in becoming a client, please contact us, but do not send any information about your specific legal question. We cannot serve as your lawyers until we establish an attorney-client relationship, which can occur only after we follow procedures within our firm and after we agree to the terms of the representation.

Accept Cancel