One click is all it takes to order goods, exchange payment, and have the items shipped and delivered to a doorstep within hours.
But what happens when that one click is not used to facilitate commerce, but rather used to intentionally or even accidentally disrupt a network? When one click releases a malicious code causing an assembly line to come to a screeching halt? When one click transfers millions of dollars to a fraudulent account? When one click by a rogue employee disseminates the contents of personal files to the public? In these instances, who is ultimately responsible?
In recent cases, fingers have pointed directly at the board of directors. Since 2013, several shareholder derivative suits have been filed following network security breaches. Defendants have included Home Depot, Horizon Blue Cross Blue Shield, Target, Wyndham, and Wendy’s. Technology is changing at a rapid pace, and it is clear that consumers and shareholders have high expectations for businesses and those who run them.
Allegations in these network security cases have included breach of fiduciary duty, negligence, breach of implied contract, and violation of various state and federal statutes. Interestingly, most of the aforementioned cases have been dismissed (or settled) – apart from Wendy’s, which is still in its early stages. These dismissals are showing that the plaintiffs are having difficulty: (1) proving corporate mismanagement as a direct cause of harm from a data breach, and (2) showing actual compensatory injuries as a direct result of the breach. Courts have been dismissing cases in which actual damages have not been proven.
Cases alleging executive mismanagement are subject to the business judgment rule, which presupposes that the individuals on the board acted in good faith, on an informed basis, and in the best interests of the company. Absent insurmountable proof that D&O’s acted in self-interest or were grossly negligent in their actions with regard to preventing a breach, those allegations have not been holding up.
Additionally, plaintiffs must prove actual economic harm has occurred as a result of a breach. Judges in recent cases have proven strict on this requirement, as evidenced by the Wendy’s case in which the original complaint was dismissed as allegedly fraudulent charges to the plaintiff’s debit card were not sufficient grounds upon which to bring suit. To further clarify that requirement, U.S. District Judge Claire Cecchi of the District of New Jersey (who presided over the Horizon BCBS case) said the individual plaintiffs "cannot rely on their increased likelihood of future harm as a basis for their case."
Despite the dismissals, this litigation highlights several concerns for Directors & Officers (D&O’s). Not all cases or allegations are being dismissed. Some financial institutions and regulators have found success in their lawsuits brought against D&O’s. Settlements have been made to avoid extensive litigation in certain cases. Even when allegations don’t stick, there may still be hefty defense costs. The relentless pursuit by plaintiff attorneys highlights that there exists a pervasive expectation of, and onus placed upon Directors & Officers with relation to cyber exposures. These individuals are collectively responsible for making important decisions on behalf of their organizations and may be held personally liable in the event that these decisions produce egregiously negative effects on the company as a whole.
D&Os remain particularly susceptible to plaintiff claims in relation to cyber exposures. These individuals are collectively responsible for making important decisions on behalf of their organizations and may be held personally liable in the event these decisions produce egregiously negative effects on the company as a whole.
It is imperative that directors and officers secure a comprehensive executive liability insurance program to protect themselves, but appropriate coverage is just one component of effective protection. As security and privacy breaches continue, and subsequent suits emerge, it is paramount that D&O’s can show they’ve taken the necessary steps to protect the information of their customers, as well as the interests of their companies.
So what can be done? How can D&O’s effectively mitigate their cyber liability exposure and that of the companies they are charged to lead?
1) Understand the risk.
2) Minimize the risk.
3) Be prepared.
Incidents are inevitable, and while the above measures can help mitigate liability in the event of a breach, no plan is foolproof. Dealing with a cyber-security incident is complicated, expensive, and time-consuming. A comprehensive privacy & network liability insurance policy provides valuable protection for a company, as well as pre-breach loss mitigation services.
D&O and Cyber Liability policies are specifically designed to address different elements of cyber risk. Whether created to respond to a breach or to protect D&O’s for their business judgments, these policies should be evaluated by an insurance broker who specializes in these lines of insurance. AmWINS Brokerage employs a nationwide team of product experts ready to assist in the analysis and placement of D&O and Cyber Liability insurance.
ABOUT THE AUTHOR
This article was authored by Megan North, a member of AmWINS' national Professional Lines Practice.
Legal Disclaimer. Views expressed here do not constitute legal advice. The information contained herein is for general guidance of matter only and not for the purpose of providing legal advice. Discussion of insurance policy language is descriptive only. Every policy has different policy language. Coverage afforded under any insurance policy issued is subject to individual policy terms and conditions. Please refer to your policy for the actual language.
(c) 2017 AmWINS Group, Inc.
In the current economic climate, many small businesses are struggling and some may even fail. Despite these challenges and the continued hardening market, there is opportunity for retailers to write and retain business. This article provides guidance on navigating the complex small business marketplace and helps retailers fine tune their understanding of what insurable risks will look like over the next 12 to 24 months.
Product recalls are one of the most damaging events a business may encounter. In order to effectively respond to an incident, companies must be prepared with proper risk management strategies. As policy wording varies, it's also critical to ensure your clients have the right policy type in place to appropriately address their first- and third-party exposures.
Our Q2 2020 State of the Market report provides a holistic view of highly impacted industry segments as well as overall market trends. This report is designed to help our retailers gain the knowledge they need to retain accounts, write new business, overcome challenges and capitalize on opportunities that do exist.
Severe weather can be unpredictable and strike at any time. Help your clients be prepared in the event their property is damaged by a hurricane, tornado, hailstorm or similar disaster with these 10 catastrophe claim tips.
As a result of the COVID-19 crisis, our industry is facing a broad array of challenges that impact insureds of every size and in every industry. In the first of a series of webinars, we hear from an economist on the financial impacts of COVID-19 and what we can expect in the future. This webinar is intended to complement your conversations with clients about how to plan for the next 12 to 24 months.
This podcast features an update from John Neal, CEO of Lloyd’s, on the state of the Lloyd's market and their response to COVID-19 as well as a panel discussion with London Property underwriters on how they view the pandemic's impact both the Property sector and their syndicate's business.
This podcast features an update from John Neal, CEO of Lloyd’s, on the state of the Lloyd's market and their response to COVID-19 as well as a panel discussion with London Casualty underwriters on how they view the pandemic's impact both the Casualty sector and their syndicate's business.
This podcast features an update from John Neal, CEO of Lloyd’s, on the state of the Lloyd's market and their response to COVID-19 as well as a panel discussion with London Professional Lines underwriters on how they view the pandemic's impact both the Professional Lines sector and their syndicate's business.
Ninety-eight percent of all United States counties were impacted by a flood event in 2018, yet many property owners remain unaware of their true risk of flood or what their existing policies cover. This article highlights key statistics about flood risk and outlines the differences between the National Flood Insurance Program and private market flood insurance.
The COVID-19 crisis has created a rapidly changing environment for the Professional Lines market. With the uncertainty of how claims will develop and the potential for increased exposure, retailers must be proactive. In this article, AmWINS specialists share their insights on why this is more important now than ever, including reactionary underwriting trends, D&O policy exclusions and impacts to EPLI, as well as the threat for increased cyber attacks and crime losses.
Loss of revenue caused by stay-at-home orders due to the coronavirus pandemic has affected small businesses and the insurance industry serving them significantly. As retailers and carriers prioritize their focus to adapt to the “new normal” of daily transactions, underlying market dynamics remain unchanged. In this article, our experts share their insight on the current changes that we are seeing the small business and personal lines market, and how to navigate the market a this time of uncertainty.
The disruptive impact of the COVID-19 outbreak on supply chains is already having a pronounced effect on the world of logistics and logistics insurance. Port closures, demand surges and production shifts are requiring nimble response to keep up with change. This article arms insurance brokers with the information needed to understand the changes taking place and plan for what is likely to occur in the months ahead.
The Casualty market’s response to COVID-19 is continuously evolving. With a wide array of factors already impacting this sector pre-crisis, segments of the Casualty marketplace are responding to the pandemic differently. In this article, our industry specialists share overall themes in the Casualty market and take a closer look at how various segments are being impacted.
The COVID-19 pandemic is causing historical disruption to the construction industry. These changes mean that risk mitigation strategies need to be implemented or revisited, policy language should be reviewed, and carriers should be apprised of all changes at the work-site. In this article, AmWINS specialists examine the major areas of concern for Builder’s Risk insureds, including government-mandated shutdowns, supply chain-driven slowdowns and policy wording that could limit coverage, and provide guidance for retailers to achieve the best results for their clients.
For decades, the logistics insurance market has been considered a sub-market of the cargo or ocean marine market. However, the continual rise of e-commerce and its effect on the global supply chain has carved out a complex and expansive industry niche. This article provides insight into the various lines of coverage, the specialized underwriting approach, and rate surges within the U.S. logistics insurance market.
During the COVID-19 pandemic, Lloyd’s remains open for business and syndicates have successfully transitioned to working from home. However, there are notable changes in how the London market is approaching business. In this article, specialists from THB, AmWINS’ London broker, share their insight on consistent themes across the London Market as well as updates on various lines of business.
There have been a lot of questions regarding COVID-19, in particular about coverage and claims handling. This claims advice is intended to offer guidance to help our retail clients through these difficult times.
As the healthcare industry remains on the front lines of battling the COVID-19 pandemic, staying abreast of the changing landscape and how the insurance market is adapting is critical to ensure new exposures are covered and renewals are successfully placed. In this article, our specialists share what they are seeing in the Healthcare and Senior Care markets, tips for risk control and mitigation, and how to get the best results for insureds.
Public entities are facing a climate of change as the market continues to harden and insureds are faced with double-digit rate increases in property and liability. Contributing to this disruption are statute of limitation changes for sexual abuse victims, which have extended or removed the time limit for which a victim can file a claim. This article examines the impact of increased claim activity and discusses considerations that need to be made to better manage costs during this time of uncertainty.
The disruption to business and everyday life caused by the coronavirus (COVID-19) pandemic is resulting in an economic impact for insureds. Much of this disruption is likely not covered by insurance. We have consulted with several AmWINS insurance specialists across the Property, Casualty and Professional Lines sectors and offer a COVID-19 update.