The vulnerability of America’s physical infrastructure has long been at the top of mind for national security officials, but the growing threat of cyberattacks, both state-sponsored and criminal, has led state and federal officialdom to take note. Their concern has been magnified by the increasing number of significant cyber targets in the nation, including key infrastructure. This has prompted the National Highway Traffic Safety Administration and industry stakeholders to work together to combat potential cyberattacks on automated vehicles. In a rapidly evolving and expanding internet of things environment, federal regulators must be flexible to accommodate change, and must resist the urge to ensconce autonomous vehicle cybersecurity guidance in law.
Please click here to read an overview of their strategy, which appeared in Bloomberg BNA, authored by Orrick’s Darren Teshima and Ian Adams.
The data breach earlier this month that potentially exposed information about millions of federal government employees is yet another reminder that any organization that maintains data is at risk of being hacked. And rest assured that if you get hacked, you will incur substantial costs as a result, including substantial notice and related costs and potentially massive third-party liability claims.
We have written extensively about so-called “cyber” insurance, including how cyber insurance is neither comprehensive nor standardized. As a result, when you are shopping for your first (or next) cyber policy it is important to understand what types of coverages, exclusions and conditions are in the market. Making a well-informed purchase starts with knowing your options.
There are too many differences between cyber policies to cover in one blog post, and the market, still in its youth, is rapidly evolving. But here is a list of five important things—in no particular order—to consider when you’re in the market for cyber insurance: READ MORE
The waiting has ended. On May 11, a Utah federal court handed down one of the first coverage decisions in the country construing a so called “cyber” policy. While the case did not deal with a data breach or other cyber event of the type that companies typically have in mind when procuring cyber insurance, it nevertheless may provide guidance on the scope of coverage under such policies.