Cyber-risk, Privacy, and Internet Insurance
Though some businesses perceive cyber-risks as new, the reality is that companies have faced and managed computer-related and internet-related liabilities since the late 1990s. As a policyholder lawyer, Marc Mayerson has provided counsel and provided thought leadership on related insurance-coverage issues since that time. The author of several articles on computer-based or cyber-related insurance published over the past twenty-plus years, Marc Mayerson and The Mayerson Firm PLLC can provide sound advice and representation to businesses and nonprofits on the peril of cyber-related loss. With the ever-shifting nature of cyber-, internet-, voice, messaging, video, and cloud- or web-based liability, clients benefit from having a policyholder lawyer as part of the response team.
Companies, non-profits, unions, and trade associations face the risk of liability from data breaches leading to remediation costs, notification costs, and potentially credit-monitoring costs. There is a burgeoning, albeit still developing, array of insurance offerings intended to provide some measure of insurance coverage for data breach and its attendant costs. Such policies often will cover social-engineering and business email compromise as well as ransomware. As an immature product, there are crucial differences among the various insurance policies on the market, and any individual "cyber" policy might not dovetail with the actual risk exposures of the particular insureds. Consequently, one of the valuable services provided by The Mayerson Firm PLLC as coverage counsel is to review and help tailor proposed cyber-risk policies, working closely with risk managers, CSOs, and CIOs to ensure that the policies being purchased provide real value.
Directors and officers face the risk of liability from inadequately managing cyber-risk. Consequently, there is an important intersection between directors and officers insurance and cyber-risk and cyber-risk policies. The purchase of D&O insurance or cyber-risk insurance policies provide the opportunity for stakeholders to evaluate the information security practices and the shifting risk profile associated with the use of computers and communications technologies. As coverage counsel, Marc Mayerson provides insight to ensure that board members are fully protected under company- or individually purchased insurance policies.
Any number of first-party risks, ransomware, a system failure, a cloud failure, a denial-of-service attack, or the like, can pose business-continuity risks, and insurance may be available for direct business loss and the extra-expense of co-location or disaster-recovery expenses following the policy-specified interruption, sometimes measured in terms of hours. Policyholders can turn to The Mayerson Firm PLLC to aid them in reviewing policies and properly presenting claims for coverage.
The proper presentation of data-breach, social-engineering, business email compromise, and other claims under the new insurance policies calls for experienced coverage counsel to maximize the likelihood of recovery (and to shape the proper expectations of management as to how much insurance policies might indemnify following a loss). Every case that will be litigated over the next half-dozen years will break new ground in insurance law, which is why Marc Mayerson's nearly thirty years' experience and concurrent law-school-teaching and article writing equips him to provide creative -- and cost effective -- representation.
Marc Mayerson has provided continuing education presentations on cyberinsurance for labor unions, cyber insurance and cyber security for pension and health-plan fiduciaries, insurance aspects of business-to-business transactions, and on Y2K.