Cyber liability and data security insurance
For all commercial clients - and especially those operating in the technology field - cyber exposures, together with data security and privacy concerns have become business-critical risks.
The insurance industry has been quick to respond to the ever-increasing focus on cyber and data protection through the provision of a variety of policies covering a range of risks from first party losses to liabilities following a loss or theft of data.
Our experienced team of data, technology and insurance lawyers are perfectly placed to advise insurers and intermediaries on all aspects of cyber and data insurance.
What we do
- Policy wordings – we have drafted leading cyber liability policies for a number of insurer clients, including cyber ransom policies, combined cyber and data policies and cyber extensions to personal lines household products. We have also worked with insurers to update suites of policy wordings and associated documents to ensure compliance with their silent cyber obligations.
- Breach response – following an insured breach, our experienced team are able to quickly and efficiently investigate and respond to the breach whilst ensuring that legal professional privilege remains in place. Our team includes experts in data protection, insurance coverage, technology disputes, employment law and commercial disputes, ensuring all possible issues are covered off.
- Claims support and advice – we are experienced in supporting claims teams on matters such as: liaising with brokers and insureds to collate claims information, managing the instruction of foreign counsel and experts; and reporting on matters relating to coverage.
- Training – we regularly provide training to insurers and intermediaries on issues relating to cyber and data insurance, including compliance with silent cyber requirements.
Featured experience
London Market insurer
Advising a London Market insurer on silent cyber compliance across a suite of over 1,000 policy wordings and associated documents.
Cyber policy wordings
Drafting a variety of cyber policy wordings for a number of insurers across various lines of business, including marine cyber and cyber K&R.
Board of a leading insurer
Advising the board of a leading insurer on its silent cyber strategy.
London Market insurer’s claims team
We have supported a London Market insurer’s claims team to enable it to determine coverage in relation to over 200 specialty risk claims.
Related expertise
Key contacts
Tim Johnson
Partner
Ros Foster
Partner
Kevin Lawson
Partner
You may be interested in...
Legal Update
The rising number of cyber-attacks
Legal Update
The continued threat of piracy in Southeast Asian waters
Legal Update
Government publishes its proposals for expanding the Scope of the Network and Information Systems Regulations 2018
Legal Update
‘Big Game Hunting’ – the new face of cyber extortion?
Legal Update
Economic crime and cybercrime
It is clear that the digital landscape, often termed cyberspace, is a man-made environment, in which human behaviour dominates and where technology both influences and aids our role in it — through the internet, telecoms and networked computer systems, which are often interdependent. The extent to which any organisation is potentially vulnerable to cyber-attack depends on how well these elements are aligned.
Legal Update
Let’s be direct – doubly so
Legal Update
The Ukraine War: Aviation and cyber issues
Legal Update
The physical consequences of cyber attacks
Legal Update
ICO consultation on research provisions guidance
The data protection legislation (namely, the UK GDPR and Data Protection Act 2018) contain various provisions that deal with the processing of personal data for research purposes.
Legal Update
More good news for data controllers: High Court finds local authority not vicariously liable for the actions of social worker who went off on a "frolic of her own"
Public bodies will be pleased to hear that another significant court decision (Ali v Luton Borough Council [2022] EWHC 132 (QB)) has been made that is favourable to data controllers.
Legal Update
Stemming the tide of data breach claims: good news for data controllers
The cases summarised give considerable comfort to data controllers seeking to defend themselves against claims that relate to breaches arising as a result of a failure rather than a direct act and/or are based on assertions of damage or distress that are exaggerated, unsubstantiated or bear little relation to the breach itself.
Published Article
Confidential information and subject access disclosure
In February 2021, the High Court handed down judgment London Borough of Lambeth v AM (No. 2) [2021] EWHC 186 (QB), in which Browne Jacobson LLP acted for the Claimant Council. The judgment is critical reading for public bodies who are required to take action to restrict the use of confidential information in circumstances where that information has been inadvertently disclosed to a third-party.
Published Article
Top tips for implementing ‘Data Protection by Design & Default’
The GDPR requires all businesses to implement ‘Data Protection by Design & Default’ but what does that mean in practice and how can businesses practically comply?
Published Article
Protecting your business from cyber threats
Did you know that cyber attackers can use publicly available information about your business and employees to make their attacks more successful? Information is often gleaned from websites and public social media accounts.
Legal Update
Legal and regulatory monthly update - September 2019
The latest update covering delegated authority, insurance product development, the senior insurance managers regime, data protection, operational control frameworks, Lloyds market, and horizon scanning.