Definition of Cyber Liability

Cyber liability (or, cyberliability) is a reference to Internet-based risks and those relating to information technology infrastructure and activities. Such are typically excluded from traditional commercial general liability policies. Coverages under cyberinsurance policies may include first-party coverage against losses such as data destruction, extortion, theft, hacking, and denial of service attacks; liability coverage indemnifying companies for losses to others caused, for example, by errors and omissions, failure to safeguard data, or defamation; and other benefits including regular security audits, post-incident public relations and investigative expenses, and criminal reward funds. (Adapted from White House report)

Lawsuits over cyber issues have increased significantly, both due to increasing cyber crime and regulations requiring the disclosure of events, such as SEC guidance and state reps covering the loss of PPI (protected personal information). Companies that disclose loss of PPI are often subjected to suits.

More and more businesses are purchasing insurance to cover potential cyber liability. If you don't know whether your business has cyber liability insurance, it probably doesn't. Most policies written in past years do not include cyber liability insurance.

To learn more, visit:

Friday, November 21, 2014

Cyber Liability Holds Up $3 Billion Federal Project

"The latest phase of a $3 billion Homeland Security program designed to protect federal computer networks from hackers is stalled because of a dispute about who will be legally liable if the system goes wrong.

For two years, negotiations between DHS and AT&T over the telecom firm’s implementation of the program have been at a standstill, said the department’s former acting Undersecretary for Management Chris Cummiskey."

Read more:

Thursday, September 25, 2014

GM Appoints Its First Cybersecurity Chief

Jeffrey Massimilla, "will be in charge of the efforts to protect the computers that run GM cars.

GM says it has established 'one integrated organization, Vehicle and Vehicle Services Cybersecurity, to deal with cybersecurity for vehicles and vehicle-connected services. This team will utilize our internal experts and work with outside specialists, to develop and implement protocols and strategies to reduce the risks associated with cybersecurity threats.'"

The car maker is setting a security foundation for the coming age of "self-driving cars," which will no doubt be literal "moving targets" for hackers: Fortune

Monday, May 12, 2014

Insurance Companies Try to Price Cyber Liability with Help from Consultants

"The goal isn't just to find out what's wrong with a particular company — although they do that and pass it on to the insurer, who passes it on to their customer — but also to develop systematic methods of risk analysis.

Insurers have old, tried and true ways to rate the risk of customers for more conventional forms of insurance, like homeowners and professional malpractice, but cybersecurity insurance is both new and increasingly competitive. It creates an uncomfortably risky situation for the insurers themselves."