image

Cybersecurity

Overview

As cybersecurity risks continue to evolve and escalate, the prospect of undergoing a cyberattack is more a question of “when” than “if” for most companies. The Anderson Kill cybersecurity team includes authors of leading treatises on cyber insurance recovery; former government officials and federal and state prosecutors; IP attorneys with extensive tech experience; and attorneys with deep understanding of the technical as well as legal aspects of cybersecurity and compliance.

Our cybersecurity attorneys help clients to

  • Establish working relationships with state and federal agencies overseeing cybersecurity, including the DOJ, FBI, FTC, DHS, the federal Cybersecurity and Infrastructure Agency (CISA), the New York Department of Financial Services,  the New York Dept. of Homeland Security, and appropriate agencies in other states.
  • Develop policies to ensure compliance with the EU’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), other key national privacy and data protection laws, and relevant state statutes and regulations, including biometric privacy laws.
  • Establish cyber security, crisis management and disaster recovery plans and teams that address the full range of potential incidents and establish lines of communication and authority.
  • In the event of a data breach or other attack, assist in-house personnel as they work to:
  1. Verify the breach, determine its extent, and contain it.
  2. Determine what data is affected and what risks result — e.g., inoperability of computer systems, identity theft (from customers, employees, others), theft of trade secrets, liability to injured parties, government penalties, reputational damage
  3. Consider whether there is a compulsory requirement to inform anyone (e.g., regulators, data subjects, suppliers, customer) of the breach, or if there are good reasons to do so even if there is not. Establish good working relations with regulatory agencies probing the event.
  4. Consider all communications – to customers and partners, regulators, markets and the general public, including via social media —  in light of regulatory requirements, public relations considerations and litigation risk, including defamation, and in light of preserving privilege where appropriate.
  5. Assess and manage contractual obligations, with particular reference to clauses relating to data protection obligations, compliance with laws, force majeure and rights to terminate. Meet contractual notification requirements.
  6. Forestall or defend against regulatory action or litigation from consumers, other customers, or shareholders.
  7. In the event of theft, negligence triggering loss on the part of third parties, or theft of trade secrets or other IP, or cryptocurrency assets, pursue redress, including litigation if necessary.
  8. Navigate the regulatory risks and potential criminal liability associated with ransomware payments.
  9. Assess the manifold sources of loss and liability, give prompt notice to all potentially responsive insurance policies, and aggressively pursue insurance claims to cover those losses and liabilities.
  10. Conduct after-action review. Modify systems and processes to limit the risk of reoccurrence and optimize response if a reoccurrence proves unavoidable.

In today’s high-risk cyber environment, effective prevention and crisis response are a continuum.  Our team is well equipped to help clients avoid cyber losses and liabilities, mitigate them when they do occur, and maximize insurance recovery after the fact.

 

Click the links below to learn more and purchase a treatise:

Events

AI Did What? Anticipating Insurance Coverage Issues Arising from AI Liability (2023)
  • Marshall Gilinsky
  • /
  • November 3, 2023
  • /
  • Webinar
image
Strategies for Mitigating Risk Management and Data Breach Losses Arising Out of Social Media Activity (2016)
  • Joshua Gold
  • /
  • March 8, 2016
  • /
  • Rochester, NY
image
Can Cyber Insurance Stand in the (Data) Breach? How to Maximize Coverage in a Buyer’s Market (2016)
  • Joshua Gold
  • /
  • May 12, 2016
  • /
  • New York, NY
image
What Every Risk Manager Needs to Know About Data Security Aug-2014
  • Joshua Gold
  • /
  • August 21, 2014
  • /
  • Memphis, TN
image
Cyber Breach & Security: Risk Management & Insurance Issues
  • Joshua Gold
  • /
  • November 21, 2014
  • /
  • Stamford, CT
image
Cyber Security Development You Need to Know
  • Robert D. Chesler
  • /
  • January 28, 2015
image
What Every Risk Manager Needs to Know About Data Security Mar-2015
  • Joshua Gold
  • /
  • March 19, 2015
  • /
  • Orlando, FL
image
What every in-house counsel needs to know about data security
  • Dennis J. Nolan
  • /
  • May 19, 2015
  • /
  • Philadelphia, PA
image
Strategies for Mitigating Risk Management and Data Breach Losses Arising out of Social Media Activity – RIMS Tampa Bay (2016)
  • June 15, 2016
  • /
  • Tampa Bay, FL
image
What Every In-House Counsel Needs to Know about Data Security (2015)
  • William G. Passannante
  • /
  • June 18, 2015
  • /
  • Minneapolis, MN
image
What Every Risk Manager Needs to Know About Data Security Jul-2015
  • Joshua Gold
  • /
  • July 23, 2015
  • /
  • Louisville, KY
image

Publications

Protecting Policyholders as AI is Developed for Insurance Claims Handling: Ensuring “Decency and Humanity” in the Digital Age
  • Journal of Emerging Issues in Litigation
image
Cyberattacks are bankrupting health care providers. Insurance may help.
  • Medical Economics
image
The Promise and Peril of Quantum Computing and Its Implications for Cyber Insurance
  • Journal of Emerging Issues in Litigation
image
The Board’s Role in Cyber Risk Management
  • Risk Management Magazine
image
SEC’s SolarWinds Litigation Expands Regulatory Cyberrisk Landscape
  • Risk Management Magazine
image
SEC’S PROPOSED CYBER RULES UNDERSCORE D&O RISKS
  • Risk Management Magazine (RMM)
image
CYBERATTACKS — A SPOTLIGHT ON RANSOM LOSSES AND INSURANCE
  • American Bar Association (ABA)
image
Multiple Insurance Policy Lines Can Cover Ransomware Losses
  • Cyber Insurance Alert
image
Ransomware Attack on Colonial Pipeline Underscores Multiplicity of Cyber Risks and Potential Insurance Coverages
  • Cyber Insurance Alert
image
CYBER RISK MANAGEMENT IN THE PANDEMIC ERA
  • Risk Management Magazine
image
RISING RANSOMWARE THREATS AND THEIR INSURANCE SOLUTIONS
  • Law360
image
A PANDORA’S BOX OF CYBERRISKS
  • Risk Management Magazine
image
BABY MONITORS & STEEL MILLS: THE NEW WORLD OF CYBERSECURITY RISK
  • Risk Management Magazine
image

News

Insurers seek to keep pace with explosive use of AI
  • May 1, 2024
image
Companies face potentially tighter constraints on AI use as regulators lead drive to assess risks
  • May 1, 2024
image
23andMe Breach Compounded by Theft of Ethnicity Data
  • November 7, 2023
image
Cybersecurity Awareness Month with Pamela Hans of Anderson Kill
  • October 10, 2023
image
Home Depot Hack Coverage Loss Gives Policyholders Pause
  • September 14, 2023
image
Soaring Ransomware Risks Require Vigilance
  • October 29, 2019
image

People

image
Luma S. Al-Shibib

Shareholder , New York

image
image
Cameron R. Argetsinger

Shareholder , Washington, DC

image
image
Joshua Gold

Shareholder , New York

image
image
Pamela D. Hans

Office Managing Shareholder , Philadelphia

image
image
Jeremy B. Shockett

Shareholder , New York

image
Key Contact(s)
image
Joshua Gold
View Moreimage
image
Luma S. Al-Shibib
View Moreimage

© Copyright 2024 by Anderson Kill P.C.