There is barely a month that goes by when we don’t hear about some major company or organization having fallen victim to a cyber attack or other privacy breach. While the stories we hear in the news often involve hundreds or thousands of impacted customers or patients, the incidence of smaller scale privacy breaches is much higher. Businesses of every size and in every industry are experiencing data breaches of varying levels. It seems the “risk” of a privacy breach isn’t really a “risk,” but, rather, almost a certainty for every business and organization – whether they know they’ve suffered a breach or not. The availability of cyber insurance for losses arising from such breaches has increased significantly over the past decade. However, with no standardization of policies and forms, and the dearth of case law analyzing the existing policies, just how much coverage cyber policies really provide is unclear.

This “Cyber Insurance 101” course will provide an introduction to the world of cyber insurance (sometimes more specifically called “cyber liability insurance,” “cyber risk insurance,” “network security insurance” or “privacy breach insurance”). The course will identify the most common types of losses and costs associated with cyber attacks and other privacy and data security breaches, address potential sources of coverage for cyber losses under traditional business insurance policies, review some of the more common cyber coverage provisions, and briefly review some relevant court decisions that have analyzed cyber coverage under traditional property and liability policies.