Crisis Management

The world recently experienced an unprecedented global cyberattack that targeted the public and private sectors, encrypting and locking electronic files. So far, it is estimated that hundreds of thousands of entities worldwide were victims of WannaCry ransomware; and just as WannaCry is subsiding, a new attack, Adylkuzz, is taking its place, crippling computers by diverting their processing power. Now the world needs to begin building a Cyber Defense Arsenal.

Will the Ancient Document Exception to the Hearsay Rule become Ancient History? The proposed abrogation of the Federal Rule of Evidence regarding the “ancient documents” exception to the hearsay rule, if enacted, would be effective December 1, 2017.  While enactment would have minimal or no effect on many areas of the law, it would profoundly affect other areas such as prosecution of sexual or child predators and war criminals. Additionally, it would have implications in the environmental and coverage arena where documents more than 20 years old are frequently used to establish liability and coverage.

While cyber espionage, crimeware, and other types of cyber attacks and theft are nothing new, even for Sony, the FBI’s determination that North Korea was behind the recent devastating attack raises critical alarms. The attack did not merely harm Sony Pictures Entertainment’s (SPE's) intellectual property and data; it was intended to and did cause physical harm to its network and operations. North Korea literally planted and detonated a bomb within SPE’s systems. The implications for businesses, brokers and insurers are significant and raise additional concerns about Congress’s failure to extend the Terrorism Risk Insurance Act of 2002.

The critical trend of data security breaches and cyber liabilities significantly harming mid cap and small businesses will continue to increase through 2015. Small companies need to recognize that they have as much, if not more, risk of suffering losses and attacks with greater frequency and severity than their bigger competitors. In fact, smaller companies are at greater risk because they do not have the same depth of resources as their larger competitors. Brokers and insurers can assist these companies in preparing for, protecting against and surviving an eventual and potentially catastrophic cyber crisis event.

As companies, brokers and insurers continue to develop a better understanding of the risks and exposures involved with data breaches, standard insurance portfolios must be reviewed and developed to provide proper protection in the face of state laws and other outside influences.

While governmental regulatory actions can have significant financial impact on the marketplace, in the instance of a governmental product advisory, a standard insurance portfolio of general liability and property policies offers no protection. Companies should consider governmental recall and adverse publicity coverages that are contained in product contamination and product recall policies to protect their bottom line.

Insurers should review the various premiums, claims and administrative issues experienced as a result Superstorm Sandy to identify potential difficulties in complying with the standards set forth in the New York Department of Financial Services Circular Letter No. 8 of 2013 and establish an internal monitoring system for the adjudication of disaster-related claims to facilitate reporting, particularly where such reporting is required on a daily or weekly basis.

The bombings that occurred in Boston on April 15, 2013, have been classified as an act of terrorism. Whether the bombings meet the definition of a terrorist act that is found in most Event Cancellation/Contingency insurance policies exclusions or endorsements can raise significant coverage issues. 

Companies involved in a food safety crisis need to properly prepare to respond to extremely short deadlines and the FDA’s information demands by acquiring a product contamination policy that includes crisis management entitlements and consultant costs.