In this episode of Chattinn Cyber, Marc Schein interviews Peter Halprin. Peter is an insurance lawyer and an arbitrator. He teaches international arbitration at Cardozo. In addition to teaching, he also writes articles and other academic pieces about different areas of arbitration.
In today’s episode, Marc and Peter talk about the challenges faced by cyber insurance, silent cyber, and arbitration. Arbitration is an alternative means of handling disputes. Peter says for sophisticated entities, especially in the cyber context, arbitration can be a really good way to resolve disputes. Apart from choosing the people to resolve the dispute, the main benefit of arbitration is that it is confidential, so you don’t have to talk about the embarrassing cyber breach or security lapse. They also talked about how the insurance coverage and mindsets of businesses changed in recent years.
Peter shared the case of G&G company. Recently the G&G company faced a ransomware attack. The company made the payment and looked to their prime carrier for reimbursement.. The carrier denied saying it was a voluntary payment and wasn’t related to the use of computers as is required under computer fraud coverage in the prime policy. The trial court agreed with the insurer saying there was no coverage, but the Supreme Court disagreed, saying the judgment for the insurer was inappropriate on two grounds. One is that they think that the use of computer could have been implicated here, and there was some measure of fraud that caused the transfer. The interesting thing about this case is that all of this stems from the idea that what enabled the ransomware attack was actually a spear-phishing or other campaign at the outset. linkage. This is something to be considered.
Peter suggests that when you face challenges with BI claims, make sure you have the right legal counsel involved, involve forensic accounting, and work with the right broker to support you from the claims perspective. He wraps the episode telling us that it seems like because there are so many claims, carriers are very quick to bring in coverage council on their side. So, he calls upon carriers and brokers to work together on that outset.
[00:53] – How did he become an insurance lawyer?
[03:09] – The benefit of cyber arbitration
[05:30] – The challenges people are facing with cyber insurance in 2021
[09:25] – The case of G&G Oil Company
[09:52] – The obligations of cyber laws
[14:33] – Peter’s advice to people facing ransomware challenges
[16:33] – The wreak havoc of ransomware in the pandemic
[17:37] – How does ransomware affect the business income loss?
[20:10] – What the companies need to do at the moment?
[22:30] – What should be the coverage of your insurance?
[23:47] – Closing thoughts
“Arbitration is a really good place for cyber disputes.”- Peter [04:11]
“The main benefit of cyber arbitration is that it is confidential. And you also get to choose the people who resolve your dispute.” – Peter [03:42]
“The tentacles of cyber issues and where they pop up are unlimited.” -Peter [09:43]
“Just because you paid the ransomware, it doesn’t mean that you are necessarily in the clear. The actor can still remain in your system. Your data can still be corrupted. And dealing with OFAC and other guidance out there, there is a possibility that you may be transferring money to a sanctioned actor. And now you are exposing yourself to additional legal liability.” Peter [15:50]
“In terms of forensic accounting, clients should always check their policies to see what kind of coverage they have. Those people speak 1010 to each other, and so it’s important to have two people that speak like that to each other to resolve the issues.”- Peter [20:36]
“Having the right team in place both in the underwriting and the claim side is essential.”- Peter [22:18]
“Don’t limit your insurance to risk management.”- Peter [22:30]
“Casting your insured in a defensive position in the midst of a crisis is not the best thing to do for customer relations or otherwise.”- Peter [24:23]