Cybersecurity Insurers Are Dropping Some Law Firms: The Morning Minute

Emily Parkin

ROUGH JUSTICE – The U.S. Department of Justice appears to no longer be fooling around. As’s Nate Robson writes in this week’s Barometer newsletter, the DOJ is making critical policy changes for white-collar enforcement, including reinstating the so-called “Yates Memo” from 2015. These newly instituted policies require companies seeking cooperation credit to divulge all relevant facts about individuals involved in any misconduct, and the DOJ is taking a holistic approach when looking at companies’ prior misconduct when deciding on potential charges or dispositions. “The private sector is waiting to see how these new rules are implemented, and is watching to see if the policies disincentivize them from self-reporting violations out of fear of facing additional sanctions if DOJ has issues with a company’s history of compliance,” Robson writes. “The private sector is beefing up its compliance programs, including adding staff and ensuring they are doing comprehensive risk assessments that mirror what the government is focusing on.” To receive the Barometer directly to your inbox each week, click here.

ARE YOU IN GOOD HANDS? – Go ask the plaintiffs in COVID-19 business interruption cases what happens when worse literally comes to worst: insurance coverage becomes more essential to have and way harder to get. And, with all due respect to the coronavirus, risks don’t get much riskier than cybersecurity. As’s Victoria Hudgins reports, small law firms are facing insurance carriers that are placing a heavier emphasis on proactive cybersecurity measures, dropping clients, and even exiting the cyber insurance space when the risk outweighs the premium. In the last eight months, insurers have increasingly dropped policyholders that don’t have multifactor authentication in place, which typically includes small law firm clients, noted Amy Landefeld, cyber product lead and digital underwriting manager at insurance provider Beazley. But its not all the firms’ fault. The past approximately two years of increased ransomware attacks has taught insurers an expensive lesson regarding cyber insurance, noted Kevin Novak, cybersecurity managing director of information governance and data risk management provider Breakwater Solutions. “It’s a result, not necessarily because of [small law firms], but the insurance firms are beginning to readjust, better understand what the market is relative to cyber breaches,” Novak said. “They’re starting to recognize they can’t carry the same policies for everyone. It’s becoming a big problem in the market.”

Next Post

New 2022 California Employment Laws: How Businesses Can Protect Themselves

COVID-19 has permanently changed the workplace we once knew. Employers needed to adapt to new legislation meant to deal with the unprecedented impact of the pandemic. Expansion of the California Family Rights Act, mandatory paid sick leave for COVID-related illness, extended workplace safety protections, and workers’ compensation coverage for employees […]