Paul Hastings Hosts Panel on Cybersecurity Insurance Trends and Insights

Paul Hastings LLP
Contact

Paul Hastings LLP

On May 8, 2024, Paul Hastings hosted the Cybersecurity Law Workshop at this spring’s Privacy + Security Forum featuring a panel on cybersecurity insurance trends and insights. The panel was moderated by Paul Hastings’ David Coogan and featured Alisa Langford-Marion, a cybersecurity insurance broker from WTW and Jennifer Sadoff, Deputy General Counsel at AvidXchange.

The panel covered recent insurance market trends, litigation developments, and practical guidance for companies as they seek coverage, plan and prepare for incidents, and navigate the claims process.

Here are some of the main takeaways from the panel—

Pre-incident Considerations. Before an incident occurs, organizations should purchase cyber insurance. Panelists emphasized companies should work with their broker and think through the cyber insurance risks they are trying to insure against to ensure they get the most out of their cyber insurance coverage. Organizations should also establish an incident response program prior to an incident. Speakers explained that, in developing their incident response program, organizations should include information about their broker, outside counsel, and insurance policy. Speakers went on to note that, before an incident occurs, organizations should hold tabletop exercises and consider their preferred vendors in the event of an incident. When conducting tabletop exercises, panelists recommend organizations conduct these in such a way that their internal teams are not expecting it so that it is more realistic to an actual incident and the organization can be better prepared when an incident occurs. 

Considerations During Incident. Panelists discussed several considerations organizations should account for when responding to a cybersecurity incident. Speakers noted that organizations should implement the incident response plan that they had previously established. Organizations should also work closely with outside counsel, outside vendors, and their broker in responding to the incident. Panelists highlighted that claims advocates who work for insurance brokers can be integral in working with an insurance carrier.  Finally, speakers noted that organizations should plan in advance if the company needs approvals for ransomware or extortion payments.

Considerations After Incident. Upon closing out the organization’s response to an incident, panelists discussed the administrative requirements for reimbursement including submitting a proof of loss, labeling invoices, implementing safeguards, and reviewing the incident response plan. For proof of loss, panelists explained that a formal proof of loss may not be required and companies should work with their broker and carrier to understand what is required.

The Privacy+Security Forum is hosted twice a year by Daniel Solove and Paul Schwartz, and brings together leading experts in the areas of privacy and security law. Paul Hastings was a sponsor for this spring’s Forum, which took place from May 8-10 in Washington, D.C.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Attorney Advertising.

© Paul Hastings LLP

Written by:

Paul Hastings LLP
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Paul Hastings LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide