Litigation Wave Coming

General counsel, chief information officers and chief financial officers are advised to prepare for a coming litigation wave, in part by reviewing all insurance coverage applicable to information security litigation. They should also familiarize themselves with their organizations’ information systems and safeguards, if for no other reason than to understand the competence of outside litigation counsel to defend cyber breach litigation.

It’s the smaller and less-common claims that, if they come in large numbers, can overwhelm a law department’s resources. Some legal theories they rest on are counter-intuitive, and others may not be covered by applicable CGL, General Liability, Errors and Omissions or Cyber Risk insurance. That means additional coverage or endorsements to existing policies are worth considering.

The most effective way to reduce the risk of litigation arising from data breaches is for the organization to take steps to reduce the risk of the breach itself, including by way of security patch updating, malware monitoring and detection and periodic security analyses. Risk mitigation should include assuring that security policies and procedures are documented, current, and meet regulatory, statutory and industry standards. Know the organization’s information systems and how they store and transfer information protected by statutes and regulations, and, in the case of multinational organizations, by the laws of jurisdictions in which the company does business. Also, vet outside counsel for their knowledge and experience with regard to cybersecurity and related litigation.