SEC Hits Firms with Millions in Fines for Inadequate Cyber Disclosures; Sparks Dissent on Commission

Four companies have settled charges by the Securities and Exchange Commission (SEC) that they made “materially misleading disclosures” after being breached in 2020 by the SolarWinds’ Orion software hack. (US public companies have been required to disclose material cyber events since last year.) But two of five SEC commissioners dissented on the charges, …

Cyber Insurance & Lawsuits: It’s a “Race” to the Courthouse for Cyber Litigation

Thought the risk of being sued for a cyber breach was already high? It’s getting worse, Carolyn Purwin Ryan, a partner in Mullen Coughlin LLC’s data privacy and cybersecurity practice, told viewers during a recent webinar. Ryan noted that cyber breaches requiring the notification of >10,000 individuals often triggered a class-action lawsuit. But weeks ago …

CrowdStrike Snafu Will Shake Up Cyber Insurance Market: Broadstone

What some call the largest IT outage in history was caused by a faulty software update, not a cyber attack. But the team at Broadstone thinks the CrowdStrike debacle this summer will move the cyber liability insurance market anyway. “The CrowdStrike event, along with other recent cyber incidents like MOVEit, Change Healthcare, CDK Global, and …

AI to the Rescue for Cyber Insurers? Not so Fast, Says New York State

“Artificial intelligence systems” (“AIS”) and “external consumer data and information sources” (“ECDIS”) can help insurers and companies, New York State regulators concede, but the technologies better not hurt “protected classes” or “perpetuate or amplify systemic biases that have resulted in unlawful or unfair discrimination,” warns the state in new regulatory guidance. Given the complexity of …

SEC Suit Against SolarWinds CISO to Drive Demand for D&O Insurance & Other Protections for Cyber Security Chiefs: WSJ

The Securities and Exchange Commission (SEC) has sued SolarWinds Corporation, the software company, and its chief information security officer, Timothy G. Brown, for fraud and internal control failures in relation to the company’s major hack in 2020, reportedly conducted by Russian intelligence. “The complaint seeks permanent injunctive relief, disgorgement with prejudgment interest, civil penalties, and an …