Skip to main content

Nixon Peabody LLP

  • People
  • Capabilities
  • Insights
  • About
Trending Topics
    • People
    • Capabilities
    • Insights
    • About
    • Locations
    • Events
    • Careers
    • Alumni
    Practices

    View All

    • Affordable Housing
    • Community Development Finance
    • Corporate & Finance
    • Cybersecurity & Privacy
    • Entertainment & Media
    • Environmental
    • Franchising & Distribution
    • Government Investigations & White Collar Defense
    • Healthcare
    • Intellectual Property
    • International Services
    • Labor, Employment, and Benefits
    • Litigation
    • Private Wealth & Advisory
    • Project Finance
    • Public Finance
    • Real Estate
    • Regulatory & Government Relations
    Industries

    View All

    • Aviation
    • Cannabis
    • Consumer
    • Energy
    • Financial Services
    • Healthcare
    • Higher Education
    • Infrastructure
    • Manufacturing
    • Nonprofit Organizations
    • Real Estate
    • Sports & Stadiums
    • Technology
    Value-Added Services

    View All

    • Alternative Fee Arrangements

      Developing innovative pricing structures and alternative fee agreement models that deliver additional value for our clients.

    • Continuing Education

      Advancing professional knowledge and offering credits for attorneys, staff and other professionals.

    • Crisis Advisory

      Helping clients respond correctly when a crisis occurs.

    • DEI Strategic Services

      Providing our clients with legal, strategic, and practical advice to make transformational changes in their organizations.

    • eDiscovery

      Leveraging law and technology to deliver sound solutions.

    • Environmental, Social, and Governance (ESG)

      We help clients create positive return on investments in people, products, and the planet.

    • Global Services

      Delivering seamless service through partnerships across the globe.

    • Innovation

      Leveraging leading-edge technology to guide change and create seamless, collaborative experiences for clients and attorneys.

    • IPED

      Industry-leading conferences focused on affordable housing, tax credits, and more.

    • Legal Project Management

      Providing actionable information to support strategic decision-making.

    • Legally Green

      Teaming with clients to advance sustainable projects, mitigate the effects of climate change, and protect our planet.

    • Nixon Peabody Trust Company

      Offering a range of investment management and fiduciary services.

    • NP Capital Connector

      Bringing together companies and investors for tomorrow’s new deals.

    • NP Second Opinion

      Offering fresh insights on cases that are delayed, over budget, or off-target from the desired resolution.

    • NP Trial

      Courtroom-ready lawyers who can resolve disputes early on clients’ terms or prevail at trial before a judge or jury.

    • Social Impact

      Creating positive impact in our communities through increasing equity, access, and opportunity.

    • Women in Dealmaking

      We provide strategic counsel on complex corporate transactions and unite dynamic women in the dealmaking arena.

    1. Home
    2. Insights
    3. Videos
    4. Cyber insurance insights

      Videos

    Cyber insurance insights

    June 13, 2023

    LinkedInX (Twitter)EmailCopy URL

    By Jason Kravitz and Jenny Holmes

    Stay up to date on the latest cyber insurance developments as Jason Kravitz and Jenny Holmes interview Neel Desai, vice president, Cyber practice at Lockton. 

    Cyber insurance is becoming increasingly expensive, and exclusions seem to be expanding as cybercriminals become more and more audacious. If you are wondering what's going on in the world of cyber insurance lately, you've clicked on the right place.

    We are excited to have Neel Desai as our next guest on A Little Privacy, Please!® Neel is an attorney who has devoted his career to the insurance field, focusing on cyber insurance. He is vice president, Cyber practice at Lockton Companies, a major player in cyber insurance. Today, Neel will be sharing his insights on cyber insurance.

    Let me start by asking a question that many of my clients ask: Why is the cyber policy premium going up so dramatically?

    The inability of carriers to understand what exposure for ransomware looks like led to cheap pricing. Once ransomware exploded about three to four years ago, not only did we see higher rates and demands, but ransomware as a service became a thing. You had various criminal gangs throughout the world utilizing malware that they obtained from alternative means to leverage ransomware across company networks. Carriers started paying out $5, $10 million limit claims on very minimally priced cyber insurance policies. We saw the market start trying to overcorrect, and pricing ballooned as a result of that.

    It's been a combination of a lack of stricter underwriting standards, not much education, and a lack of actuarial data on what a ransomware or cyber claim costs. The resulting impact on the market was quite severe and is finally starting to stabilize some.

    What questions should companies ask when they are evaluating cyber insurance policies?

    There are several areas that you want to look at.

    I think a lot of times, especially with our middle-market clients, there really isn't a full understanding of your cyber exposure. You want to make sure you are working with an advisor or broker that understands the cyber insurance landscape, shows you analytics, and tells you about what your industry sector is generally seeing from a claims severity and frequency standpoint.

    The exclusions are expanding. You want to make sure that when you're going through your cyber renewal process or buying the product for the first time, you are fully aware of what the language in your policy means. What is covered? What is not covered? What triggers are required for things like the privacy or regulatory aspects of your policy to come into play? Ask those questions of your broker to make sure you are getting the information you need to make an informed decision for your company.

    Is there anything companies can do to help lower their cyber insurance premiums?

    Several controls are essentially table stakes to get into the cyber insurance door and have meaningful coverage.

    Multifactor authentication is not just for your email or employees who remotely access the network but across your enterprise for things like privileged administrative accounts or client applications. Making sure you're secured by MFA is critically important to not only getting a lower premium but getting appropriate coverage.

    Number two is an endpoint detection and response tool. Ensure that you are monitoring your endpoints appropriately, making sure that there is an eye and a lens on what's going on within your network consistently and that it's being monitored appropriately.

    Number three is creating resiliency across the enterprise. Backing up all your data, your servers, making sure that in the event you do have a catastrophic ransomware event that you are able to recover appropriately, then you can avoid paying a ransom. That will help your insurer feel comfortable that your business interruption loss is going to be substantially less than it would be if you did not have the proper resiliency in place.

    On top of that, providing good underwriting information is key. As privacy laws across the United States are starting to come back up and come into force in 2023, you want to make sure that not only are you staying in compliance with these privacy laws, but you are showing the insurance markets that you have teams in place not only from the cyber security technical standpoint but also from a legal compliance standpoint. Trying to articulate and tell a story for your company is key to your achieving a lower premium and getting coverage.

    More and more state privacy laws are coming into play. How are new state privacy laws going to impact the cyber insurance space? Will a policy cover violations of state privacy law?

    Carriers aren't quite certain yet. What will that exposure look like two or three years from now with laws in the books now? Their impact could be very wide-ranging, and we just don't know yet how it will look.

    You mentioned class action cases for pixel tracking. Do pixel-tracking privacy claims potentially implicate cyber insurance?

    We are early in these lawsuits and how they are developing, settled, and resolved. It's hard to say for sure that coverage is always going to be 100% extended, but with the programs contemplated, we are reporting all these claims to their cyber insurance carriers, and we expect coverage to extend.

    A Little Privacy, Please!

    Practices

    Cybersecurity & Privacy

    Insights And Happenings

    • Video

      Cyber war games with Sarah Gosler

      Cybersecurity & Privacy
      July 31, 2023
    • Video

      The next generation of privacy lawyer

      Cybersecurity & Privacy
      July 25, 2023
    • Video

      HR's role in cybersecurity

      Cybersecurity & Privacy
      July 18, 2023
    The foregoing has been prepared for the general information of clients and friends of the firm. It is not meant to provide legal advice with respect to any specific matter and should not be acted upon without professional counsel. If you have any questions or require any further information regarding these or other related matters, please contact your regular Nixon Peabody LLP representative. This material may be considered advertising under certain rules of professional conduct.

    Subscribe to stay informed of the latest legal news, alerts, and business trends.Subscribe

    • People
    • Capabilities
    • Insights
    • About
    • Locations
    • Events
    • Careers
    • Alumni
    • Cookie Preferences
    • Privacy Policy
    • Terms of Use
    • Accessibility Statement
    • Statement of Client Rights
    • Purchase Order Terms & Conditions
    • Nixon Peabody International LLC
    • PAL
    © 2025 Nixon Peabody. All rights reserved