One factor that could impact whether coverage is available is how the cyber liability policy defines a covered computer network or hardware, and if this definition encompasses the range of personal devices and networks that employees are increasingly tapping into from home during the pandemic.
"We're likely going to see some instances where people have been hacked through their home office, and that's going to test some of these insurance policies because every policy is different when it comes to defining what's the covered computer network or system, and insurers may argue that an employee's devices being used at home don't qualify as part of the insured computer system," said Joshua Gold, chair of Anderson Kill PC's cyber insurance recovery practice group.
While Gold views that argument as "beatable" from policyholders' standpoint, "that won't stop some insurance companies from making it," he added.
Policyholders also need to be careful when it comes to provisions that might limit coverage for risks such as social engineering attacks, replacing equipment damaged by a breach or allowing employees to bring their own devices, in order to avoid thinking they have more coverage than they actually do….
Click to read the full article