Photo of Tyler Gerking

Tyler Gerking has a commercial litigation practice focused on recovering money for individual and corporate policyholders under all types of insurance policies, including commercial general liability, directors' and officers' liability, professional errors and omissions liability, employment practices liability and first-party property policies.

 

Blog-Image---Are-You-CoveredA recent case in the Northern District of California offers two cautionary tales to policyholders. First, when buying insurance, companies should understand their risks and ensure that the policies they’re buying match those risks as closely as possible. Second, when a claim arises, policyholders must carefully consider all the allegations, not just the formal causes of action, in the complaint to determine whether they might trigger an insurer’s defense obligation.
Continue Reading

shutterstock_109214660-Cyber-Attack-BlogThe Internet of Things gives rise to many risks and exposures that companies and their insurers were not thinking about as recently as a couple years ago, and probably aren’t fully cognizant of today.

The DDoS attack late last week on internet infrastructure company Dyn should act as a wake-up call.  It shows how large

Blog-Image---DataSecurity

Policyholders should always consider the potential for coverage under their CGL policies if they suffer a data security breach. However, as the cases described in my article for Corporate Counsel, coverage is highly fact-dependent and subject to interpretation by the courts even in the absence of a data-related exclusion. The addition of such an

Law firms are important gatekeepers between cybercriminals and clients’ sensitive data. The release of the Panama Papers and several other recent high-profile breaches have brought to light vulnerabilities in law firm cyber security.

I recently participated in a podcast with journalist Ben Hammersley and eSentire’s VP and industry security strategist Mark Sangster. Our discussion focused

In the December post Systemic Cyber Risks And The Internet of Things, we wrote about the increasing risk of cyber attacks on infrastructure and consumer products, and related insurance issues. We noted in that post that, while there have been a few cyber attacks on the Internet of Things (IoT) reported over the past few years, the number of such attacks was certain to grow. It has. Since our December post, several new attacks and developments have been publicly disclosed. These attacks again remind us that companies should evaluate their risks and exposures relating to the IoT and carefully negotiate their insurance policy renewals or purchases.
Continue Reading

David Smith and I have recently been writing and speaking about cyber risks and cyber insurance for the wine industry. While many of the high-profile data security breaches in the news involve large public companies, all businesses that accept credit cards for payment and/or have personally identifiable information from employees or customers are at risk

Companies’ awareness of “cyber” risks has increased significantly because of large and highly publicized data security breaches, such as Target and Home Depot.  Companies are starting to more proactively manage the risk of data security breaches by strengthening their IT defenses and, in many cases, buying cyber insurance.  However, many do not realize that data security breaches are just the tip of the cyber-risk iceberg.  Because nearly our entire economic system depends on electronic devices, machinery and infrastructure that is connected to the internet (i.e., the “Internet of Things”), the potential exists for much larger scale hacking attacks that could control, damage, destroy or shut down many of the systems on which we rely to conduct business.  Some of this risk is covered by cyber insurance, but much of it is not.  Proactive and effective “Enterprise Risk Management” will be vital to companies seeking to protect themselves against these growing risks.  Businesses should carefully review their unique risk profiles, indemnity contracts and insurance policies (including their non-cyber “traditional” policies) to identify and mitigate their exposures.

We have all heard of the large scale attacks on Target, Home Depot and more recently, Ashley Madison.  The news generated by these cyber attacks has contributed to the public’s increasing awareness of the large volumes and types of personal information that companies are holding about their customers.  To protect themselves against some of the losses that such data security breaches may cause, many companies have prudently responded by buying “cyber insurance.”
Continue Reading