Against the backdrop of the disruptions associated with the Covid-19 pandemic and SolarWinds cyber-espionage campaign, NYDFS has released guidance for insurers that underwrite cyber insurance policies and which contains a number of provisions expected to impact companies applying for or renewing cyber insurance coverage, not the least of which is a specific recommendation that insurers require insureds to report cybersecurity incidents to law enforcement. Although not technically a part of the seven-pronged Cyber Insurance Risk Framework, the NYDFS guidance includes a specific recommendation against making ransom payments in response to ransomware cybersecurity incidents.
Source: NYDFS Issues Best Practices for Cyber Insurance Risk Management | Alston & Bird – JDSupra
