The business impacts of the COVID-19 coronavirus pandemic are unprecedented and still becoming clear as the virus spreads domestically and abroad. While direct impacts such as supply chain disruptions and decreases in revenue from canceled events are to be expected, cybersecurity challenges also present significant issues for organizations that are increasingly working remotely.
This article addresses some of the cybersecurity concerns expected to result from the COVID-19 pandemic, and whether your cybersecurity insurance policy covers these disruptions and challenges.
Expect Increased Cyber Criminal Activity Due to COVID-19
Unfortunately, the environment of fear produced by a pandemic such as COVID-19 attracts cybercriminals who prey on the anxieties of the public. Cybercriminals thrive in circumstances where others feel vulnerable and take advantage of the public to launch their attacks. For that reason alone we expect the number of reported hacks and cybersecurity incidents to rise as businesses navigate the COVID-19 landscape.
Additionally, although working from home may be best to prevent the spread of the virus and safeguard employees, it opens up a rash of cybersecurity concerns. As businesses increasingly send employees home to work remotely, cybersecurity risks increase. Employees may have little or no experience working remotely, and even those employees with experience doing so may not take appropriate steps to address security concerns. For a list of working-from-home best practices, see our e-alert about testing your reflexes and creating an incident response plan—or updating the one you have.
With an expected increase in cybercriminal activity and lowered defenses resulting from working remotely, it is important that businesses immediately take time to review their cybersecurity insurance policies and understand their coverage.
What Type of Policy Language is Relevant to Your Coverage?
To help determine the applicable coverage, organizations should refer to their policy documents. The policy documents detail what items are covered typically, any exclusions to coverage, and coverage limits. Your insurance policy may address third party claims separately as well as specify additional restrictions or limits on coverage for such claims.
Typical exclusionary language preventing coverage involves losses related to events such as certified acts of terrorism, those associated with nuclear material, and wars.
Practical Considerations and How to File a Claim Under Your Policy
In the current environment, to best support your organization’s planning we urge reviewing your cybersecurity policy to determine the extent that COVID-19-related disruptions and challenges are covered.
If your business encounters a cyber-attack and it becomes necessary to make a claim under your cybersecurity policy, we recommend you take the following steps in order to begin the claims process:
- Identify the section of your policy that discusses the requirements for placing a claim.
- Contact your insurance carrier as soon as possible, but at least within the time lime described in the policy documents. Counsel at Woods Rogers stands ready to assist you with the filing of your claim.
In these tough times, remember the Girl Scout motto: Be Prepared.
Woods Rogers has a Pandemic Response Group of attorneys who are monitoring the COVID-19 situation as it unfolds. This group will report quickly on obligations, potential liabilities, and legislative actions in a range of different practice areas—from commercial litigation to contract law, real estate and construction law, cybersecurity, and labor and employment matters. We stand ready to assist our clients in these difficult times.
Woods Rogers Cybersecurity and Data Privacy team is ready to help.