July 6, 2016
Cyber risks should have directors and officers thinking beyond specialty cyber coverage that covers their companies’ first-party losses and third-party liabilities. Just as cyber risks require input from management outside the IT department, the fallout for improperly managing corporate cyber risks reaches the boardroom. Shareholders have filed derivative suits with varying degrees of success. Regulators have made clear that they can and will enforce laws that punish companies, and their top management, for failing to adequately protect against cyber risks. Key protections against these risks lie in identifying, securing and pursuing insurance coverage beyond a cyber policy – mainly via Directors & Officers and Errors & Omissions policies.