Cyberloss subrogation law firm – Things to keep an eye on in 2015.
Steve Vondran, Esq. is a civil litigation lawyer licensed to practice law in California and Arizona. He is a former executive counsel member for the Arizona state bar intellectual property section and a formerly worked at a web-based software company (ASP) (Timeledger.com) as digital marketing / project manager while going through law school. Attorney Steve was also one of the early “Privacy Law” consultants working for Experian to help position and implement products designed to assist with Gramm Leach Bliley (GLB) privacy compliance for financial institutions.
Mr. Vondran has also served as a volunteer legislative analyst for the Identity Theft Resource Center in San Diego, and previously worked for Epoch Internet, an Internet Service Provider based in Orange County, California. He graduated from Whittier Law School with a focus on Intellectual Property Studies. He has a passion for digital technology, software, and information systems and has designed two software programs. The Law Offices of Steven C. Vondran, P.C. handles insurance subrogation claims for several carriers in the Southwest United States region. We love to fight for our Clients and recover money due the carrier. Attorney Carl Guerrieri is one of the top subrogation lawyers in the Country and has a strong passion for what he does.
What types of business risks will brick and mortar and online business be wanting to insure against?
A. Typical first party coverage items:
1. DATA BREACH / DATA LOSS (this is most important to financial, medical, online retailers, media, entertainment & technology companies and restaurants). Smaller companies with lesser resources to devote to Cybersecurity may be at greater risk of loss. Customer personal identifying information (“PII”), financial data and medical records (Private health information – “PHI) being exposed creating privacy concerns and risk of identity theft. Such information can include – diseases suffered, medications taking, social security number, date of birth, credit card payment information (what people are buying), credit card numbers, passport numbers, etc.
Typical reported losses:
a. Crisis services: Forensic investigation to identify cause of breach and patch | breach notification to affected clients (many state laws require notification to the affected persons) | costs of credit monitoring for affected clients
b. Legal fees & guidance: costs to defend data breach privacy lawsuits | costs of settlements
c. Regulatory fines and penalties and response to regulatory investigations (ex. FTC or State Attorney Generals) & PCI Fines (Payment Card Industry Data Security Standards). Fines can be from $5,000 to $500,000.
d. Loss of client due to defection (opportunity losses)
e. Public relations & reputation management costs (costs to replace lost business goodwill)
f. Costs to restore data
Some reports, for example from NetDiligence CyberClaims Study 2014, indicate that in 2014 the losses can be as high as $956 per exposed record, and average payout could be $733,109. These are staggering losses that carriers must find a way to try to recover through subrogation efforts.
Typical reasons for the losses
1. Hackers (improper network security)
2. Malware & viruses (improper network security)
3. Staff & employee mistakes & misuse (negligence, improper training, or failure to follow corporate policies)
4. Disgruntled employees (laptop, software & hardware theft which allows data exposure)
5. Social attacks (social engineering) – form of cyber espionage
2. Business interruption – For example, a loss caused by a Distributed Denial of Service (“DDOS”) attack. When businesses suffer down time, they lose orders, and lose credibility with their clients (loss of opportunity). For online retailers, this can be a significant financial loss to deal with.
3. Theft of Trade Secrets – For example technology companies that have been hacked and lost valuable trade secrets. A trade secret derives its value from being not generally known in the relevant industry. When a hacker gains access to this critical corporate information, the company can be financially ruined and all investment can be lost.
4. Online copyright infringement – with the risk of everything digital being subject to copyright laws (anything that is “fixed in a tangible medium and which is a creative work of authorship”) is protected by copyright laws whether a copyright is registered or not. Accidental and willful copyright infringement can occur by employees and staff, and there may be director and officer liability for copyright infringement.
5. Cyber extortion & cyber terrorism – This is another problem area which we will be expanding on in other blog posts.
6. Electronic media & website publishing liability – This is another area where cyber-loss claims can arise.
Potential subrogation targets for Cyber insurance losses
Contact a Law Firm that is ready to discuss a cyber subrogation strategy for carriers
Latest posts by Vondran Legal - Business, Real Estate, Insurance, Technology & Civil Litigation Counsel (see all)
- U.S. Supreme Court Says Cheerleader Uniforms Copyrightable - March 22, 2017
- Can you copyright a signature yoga pose or choreographed dance move? - February 24, 2017
- Did your company receive an email about an “Autodesk Software Review” - February 20, 2017
- Malibu Media Lawsuit Updates – Defendant wins! - February 14, 2017
- “Back off buddy” – Intentional interference with prospective economic relations under California law explained - February 1, 2017