Hunton Insurance Recovery Blog

Last week, we published a client alert discussing the importance of cyber and directors and officers liability insurance for companies and their executives to guard against cyber-related exposures.  In today’s ever-changing threat landscape, all organizations are at risk of damaging cyber incidents, and resulting investigations and lawsuits, underscoring the importance of utilizing all tools in a company’s risk mitigation toolkit, including insurance, to address these exposures. 

Hardly a day passes without hearing about another major cyber incident. Recent studies show that cybersecurity incidents are becoming more common, but they are also costly, with some reports estimating an average cost of $9.44 million for breaches in the US. In recognition of this mounting problem, government agencies continue to ramp up enforcement and issue new rules, regulations and other guidance aimed at curbing cyber risks. Last week, the SEC adopted final rules requiring registered entities to periodically disclose material cybersecurity incidents and annually disclose their cybersecurity risk management, strategy and governance plans. In announcing the new rules, the SEC specifically noted that “an ever-increasing share of economic activity is dependent on electronic systems.” According to SEC Chair Gary Gensler, “Whether a company loses a factory in a fire—or millions of files in a cybersecurity incident—it may be material to investors.” 

2022 has kicked off with several new whistleblower awards, as the SEC announced earlier this week that it had awarded more than $4 million to whistleblowers who provided information and assistance in two government actions—one for misconduct occurring overseas and a second where the whistleblower’s assistance directly led to the success of the covered action.