Failure To Patch May Bring Liability, Scuttle Insurance Claims

After the National Security Agency discovered a potentially devastating vulnerability in Microsoft Windows 10 and some other Microsoft releases, the company, earlier this month, released a patch that is said to fix it. A client alert from law firm O’Melveny & Myers exhorts firms to be sure that software security patches have been applied to their systems, and reminds them that failure to do so could be grounds for both liability in a lawsuit, following a breach, and coverage denial in a cyber insurance claim. “In the wake of Microsoft’s announcement, and as a general practice,” they write, “in-house counsel should be coordinating with relevant IT personnel to ensure that security practices are up to date.”