Cybersecurity: Are Social Engineering Attacks Covered Under Insurance Policies?

Cybersecurity incidents are a popular topic of coverage in the press. These incidents range from hacking into organizations that hold a large quantity of data about clients, employees, vendors and other stakeholders to duping employees to transfer funds into fraudulent bank accounts. Cybersecurity is a top of mind issue for most organizations. From a risk management standpoint, organizations often purchase insurance coverage as a means of mitigating the impacts of a cybersecurity incident. That said, sometimes there is a disconnect between the type of coverage the insured thinks it is getting and what the policy actually covers.

This was a particularly important focus in the decision The Brick Warehouse LP v. Chubb Insurance Company of Canada[1], where the Alberta Court of Queen’s Bench found that a vendor impersonation did not fall within the terms of the plaintiff’s crime policy coverage. The case is

Read more at: https://www.lexology.com/library/detail.aspx?g=f99231d5-3998-4283-89e5-773f052ba8f3