Attention:
Card image cap

Before and After the Attack: Key Cyber Insurance Considerations and Incident Response


Level: Intermediate
Runtime: 52 minutes
Recorded Date: April 18, 2024
Click here to share this program
Printer-Friendly Version
Closed Caption

Agenda

  • Overview
  • Acquiring Cyber Insurance
  • Transparency with Insurance Companies
  • Insurance Applications
  • Risk Posture
  • Policy Collaboration
  • Claim Handlers: Challenges
  • Carrier Relationship
  • Insurance Challenges
  • War Exclusion
  • “Silent Cyber”
  • Ransomware
  • Takeaways

For NY - Difficulty Level: Both newly admitted and experienced attorneys

Description

Led by seasoned professionals in cyber insurance law and risk management, this discussion underscores the importance of transparency and preparation in dealing with cyber incidents. Emphasis is placed on the need for careful consideration of risk posture, involvement of key stakeholders, and engagement of knowledgeable brokers to navigate policy endorsements and legal requirements effectively.

Throughout the discussion, these experts caution against common mistakes in the application process and highlight the significance of maintaining good relationships with adjusters and carriers. The session concludes with a call for better clarity and communication among insurance carriers to address evolving challenges in cyber insurance coverage disputes and ensure fair treatment of policyholders.

Provided By

Card image cap Securities Docket
Card image cap

Panelists

Card image cap

Shruti Engstrom

Senior Vice President - Cyber/E&O Claims
Aon Cybersolutions

Shruti is a trusted adviser, advocate and problem solver for clients. She has over 20 years of experience helping clients protect and recover their insurance assets by leading strategy in investigations, litigation and settlements. Her experience provides unique expertise in insurance policy construction and interpretation, insurance coverage legal principles, policyholder advocacy and risk mitigation strategy.

Card image cap

David Fontaine

Senior Operating Partner
Temerity Capital Partners

David Fontaine is a Senior Operating Partner at Temerity Capital Partners, where he works to oversee the operations of Temerity’s various portfolio companies and related investments. Currently, David works closely with the management of Asurity to improve operations and to evaluate strategic options. He also serves as the Chairman of Oliver.
Prior to joining Temerity, David served as the CEO of Corporate Risk Holdings (CRH) and its subsidiaries (Kroll HireRight). At CRH, David developed and successfully executed a corporate growth strategy that resulted in across-the-board improvements in organizational performance, leading to the sale of each of CRH’s operating companies.
David graduated from Trinity College, Hartford, CT and earned his J.D. from the Yale Law School.

Card image cap

John Reed Stark

President
John Reed Stark Consulting, LLC

A proven and experienced trusted advisor to Boards of Directors, CEOs, CIOs, CISOs and GCs on the subjects of Cybersecurity, Incident Response, Cyber Insurance and Digital Regulatory Compliance. John Reed Stark Consulting LLC manages cybersecurity projects and incident response investigations on behalf of both the government and the private sector. The firm also provides internationally recognized expertise on SEC/FINRA regulatory issues, especially those relating to technology.

Mr. Stark also serves as an expert in engagements pertaining to technological aspects of investigations, prosecutions and enforcement matters conducted by the SEC, FINRA and the U.S. Department of Justice (DOJ) and aids in structuring and running corporate compliance projects for broker-dealers, investment advisers and other regulated entities. Mr. Stark also provides neutral expert testimony in the realm of securities regulation on behalf of individuals, entities and government agencies, including in opposition to, and on behalf of, the SEC and other government agencies.

During Mr. Stark’s 11-year tenure as Founder and Chief of the SEC’s Office of Internet Enforcement, he led an extensive range of substantial and pioneering SEC enforcement actions. During Mr. Stark's 5-year tenure as Managing Director and Washington, D.C. office head at Stroz, Friedberg, an international digital risk management firm, he gained an unusual breadth of experience in the realm of technology-related law enforcement and regulation; in cyber-incident response and digital risk resilience; and in leading all varieties of technology-related crisis management.

In addition to authoring over one hundred articles about cyber-related topics, including regulation, compliance, risk resilience and incident response, Mr. Stark has been a frequent guest commentator in the national media on cybersecurity, securities regulation and other related areas. Mr. Stark also wrote a column for Compliance Week magazine and his own blog, entitled "Stark on IR," on Cybersecurity Docket (where he is also contributing editor) and a column for Law360.

Mr. Stark also served: 1) For 15 years as an adjunct professor at Georgetown University Law School, where he taught a course on law/regulation/cybercrime and technology; and 2) Since 2017 as Senior Lecturing Fellow at Duke University Law School (Winter Session in 2017 and 2018, Spring and Fall semesters in 2019, 2020, 2021) teaching a course entitled,"Legal Issues of Cybersecurity and Data Breach Response." Mr. Stark has also taught a range of in-service sessions on cybercrime at the FBI Academy in Quantico, Virginia.

Mr. Stark is also a member of the Duke University School of Law Board of Visitors and the James B. Duke Society.

Card image cap

Scott N. Godes

Partner
Barnes & Thornburg LLP

Scott is dedicated to helping corporate policyholders with insurance coverage issues. By taking on matters that are often difficult, complicated and untested – including two of the first cyber insurance coverage cases in the country – Scott works to design a creative, optimized path to problem-solving that enhances their chances of recovery. Effective, thorough and practical, Scott is valued by clients and colleagues alike for his depth and breadth of knowledge and experience in insurance law, and for finding the right solution to each client’s distinct problem.

Scott regularly represents clients facing insurance coverage issues arising out of ransomware, business email compromise, cybersecurity, data breaches, cyberattacks, privacy and other technology-related claims. He focused on insurance coverage for cybersecurity and privacy risks in 2008, allowing him to join his long-standing interest in technology with a new area of insurance. Since that time, he has litigated some of the few court cases regarding the scope of coverage available under cyber insurance policies, as well as coverage under other insurance policies for losses due to cyberattacks, privacy events, and wire and computer fraud.

Early in his insurance coverage career, Scott served co-lead counsel in a landmark insurance coverage class action trial that spanned four months. It was the first trial of its kind leading to a decision that insurance coverage was available, without aggregate limits, for thousands of asbestos claims. In addition to that example, Scott has represented policyholders in a wide range of disputes. He often handles matters from the inception all the way through appeals. He has argued and briefed insurance coverage disputes in federal Courts of Appeals and state supreme courts.

Scott’s practice often involves declaratory judgment, breach of contract and bad faith insurance coverage actions, insurance-related bankruptcies and adversary actions, federal court receiverships, insurer rehabilitation actions, and commercial arbitrations. He has litigated and advised clients regarding insurance coverage for cyberattacks, data breaches and cyber security issues, business email compromises and CEO fraud, network failures, advertising injury, libel, ransomware and personal injury claims.

Scott also advises clients about the insurance coverage issues related to first-party property, Telephone Consumer Protection Act (TCPA), directors and officers (D&O), securities, errors and omissions (E&O), crime and fidelity bond, general liability and consumer class action claims. He has effectively navigated complex litigation involving business interruption, extra expense, contingent business interruption and first-party property claims, as well as computer data, hardware and software claims, mass tort liabilities, flood, product liability and asbestos claims.

In addition to his insurance coverage experience inside and outside the courtroom, Scott has significant trial experience on other matters. He served as trial counsel on the issues of whether a complainant established a “domestic industry” and public interest issues in a Section 337 investigation of the Tariff Act of 1930 before the ITC. His trial and appellate experience in court and before arbitrators and administrative law judges have involved federal government contract bid protest, security clearance revocation, prime and subcontractor dispute, discovery, breach of contract and property damage, and negligence.

Moreover, Scott has represented protesters and interveners in bid protests before the U.S. Government Accountability Office (GAO), U.S. Court of Federal Claims and the Superior Court of the District of Columbia. He also has litigated disputes related to teaming agreements between federal contractors in arbitration and contract claims before the Armed Services Board of Contract Appeals (ASBCA).

Scott edits the BT Policyholder Protection blog.

Prior to joining the firm, Scott served as in-house counsel to an internet company.


Card image cap

Similar Courses

Card image cap
85 minutes
A Practical Guide in Drafting Data Privacy and Security Agreements: Mitigating Data Security Breach Risks
Listen as experienced data security attorneys Kenneth Dort (Faegre Drinker Biddle & Reath LLP) and Melissa Krasnow (VLP Law Group LLP) provide a comprehensive discussion of the latest trends, developments, and critical issues surrounding data privacy and security agreements. They will, among other things, offer practical tips and strategies for drafting these provisions in light of recent developments and the current legal landscape.

The Knowledge Group

$115

Add to Cart
Card image cap
49 minutes
A.I. and Cyber-Incident Response: The Latest Network Defenses, Monitoring and Countermeasures
AI is being increasingly used in cybersecurity, creating new challenges for incident responders, but also offering opportunities for quicker identification and security issue prevention. As such, it is crucial for CISOs to embrace AI for defense against bad actors while also considering the legal and security implications of its usage.

Securities Docket

$75

Add to Cart
Card image cap
61 minutes
Act Like a Lawyer, Think Like a Cyber Professional
Our expert panelists will cover topics such as legal and regulatory frameworks for cybersecurity, data protection laws, incident response planning, and risk management. Participants will leave with a better understanding of the legal and technical considerations involved in cybersecurity, enabling them to make informed decisions that protect their organizations from cyber threats.

Women, Influence & Power in Law Conference

$65

Add to Cart
Card image cap
60 minutes
AI and the Law: A Wild, Wild Ride Begins...
If you thought the rise of the Internet and services like Napster pushed the boundaries of the law, you ain’t seen nothing yet until you’ve seen artificial intelligence (“AI”). Experienced intellectual property lawyer Peter Afrasiabi provides an overview of AI.

New Media Legal

$75

Add to Cart
Previous Next