March 17, 2023

If You Are Having Difficulty Obtaining Adequate Cyber-Insurance Coverage, You Are Not Alone

Hall Estill Attorneys have heard that some businesses are having difficulty obtaining adequate cyber-insurance coverage. Standard IT/software contracts typically require mutual security and storage obligations as well as insurance coverage in the event of a claim. However, obtaining adequate coverage can be more difficult than ever because of the increasing frequency of claims. 

 

In its 12th annual Cyber Claims Study, NetDiligence found that ransomware payments now average $270,000, with ransomware being the most frequently occurring claim and the number one most expensive covered claim by total dollars. Combined with overall increases in other forms of claims (i.e., business email compromise, business interruption, etc.), insurance companies are becoming more stringent in application requirements and more conservative in policy limits.


In spite of this, coverage can typically still be obtained based upon your overall needs and budget, but you may have to look outside of your traditional agent to find the right policy. For example, there “active insurance” companies that exist that provide up to $15 million in coverage and also provide monitoring and threat detection services as part of your premium. 

 

Typical requirements for cyber-insurance policies are multi-factor authentication, end-point detection and response, business interruption plans, privacy policies, and mandatory employee training on privacy and breach response. If your company is in need of cyber-insurance or higher limits, our Cybersecurity and Data Privacy Practice Group can assist you through the process, including preparation of appropriate policies and procedures that may be required by the insurance application.  

 

Please do not hesitate to contact your Hall Estill attorney or a member of the Hall Estill Cybersecurity and Data Privacy Team if you have any questions.


Hansel McGill Walke Cybersecurity

Cybersecurity and Data Privacy Practice Group

Attorneys in this practice assist clients who have experienced a cybersecurity incident in evaluating the company's legal obligations, including notification requirements, under various state and federal laws. 

www.HallEstill.com

Tulsa  918-594-0400  |  Oklahoma City 405-553-2828  

Denver 303-607-5450   Fayetteville 479-973-5200 | 

E-newsletter Disclaimer
By receiving this e-mail from Hall Estill you agree it does not create an attorney-client relationship. The content of this e-mail is intended solely to provide information about our law firm and does not guarantee an expectation of results for any current of prospective client, or to convey any comparison of our services to those offered by other law firms.
Share this email
Facebook  Twitter  Linkedin