Part two of this series continues exploring cybersecurity regulations and breach notification requirements. [Read Part One here].

The first installment of this post mentioned some of the cyber security regulations in New York, which has been noted as leading the pack in this area.1 Part two follows up with a few additional regulations and calls to action that address cyber issues.
Continue Reading New Cybersecurity Regulations Series (Part Two)

This is the first post in a two-part series about cybersecurity regulations and breach notification requirements.

Recent headlines of high-profile cyber-attacks confirm the maxim that the cover up usually causes more trouble than the event itself.
Continue Reading What the Heck Was Uber Thinking: Non-Disclosure and Other Missteps After a Data Breach Are Prime Triggers For Regulatory Scrutiny (Part I)

In a win for third-party victims of a cyber security attack, the United States Court of Appeals, District of Columbia reversed a lower court’s decision dismissing a class-action suit against their health insurer for breach of contract, negligence, and violation of various state consumer-protection statutes, after their personal information was stolen during a data breach.1
Continue Reading Appellate Court Reverses Lower Court’s Dismissal of Plaintiffs Data-Breach Claim

Restaurants are prime targets for hackers. Restaurants gather customer credit card information on a daily basis and are responsible for storing and protecting that information. All restaurant owners should have insurance policies that not only cover their physical property damage and business interruption in case of property damage, but data breaches as well. Data breaches, as explained in my earlier blog, are usually not considered “tangible property” and are therefore not covered under most basic property insurance policies.
Continue Reading New York Restaurant’s Data Breach Not Covered Under Their Business Owners Policy

In the wake of the Equifax, Target, Yahoo, and even the SEC being hacked, many small businesses are wondering how can they protect themselves when major companies with much larger budgets and cybersecurity techs on staff can’t protect themselves. I recently went to a course where one of the speakers said: “There are two types of people, those who have been hacked and those that just don’t know it yet.”
Continue Reading I’ve Been Hacked! Am I Covered?

To paraphrase the film noir classic Asphalt Jungle, cyber-crime is a left-handed form of human endeavor.

The District Court for the Southern District of New York has ruled in Medidata v. Federal Insurance Company,1 that a company duped via e-mail into wiring sums of money overseas by an unknown actor was covered under the company’s computer fraud policy, rejecting arguments that the coverage was limited only to hacking into policyholder’s computers.
Continue Reading Federal Court Finds Coverage for Company Spoofed by E-Mail Fraudsters