By now I think we have all seen that Marriott was hacked. What I find astonishing is not that they were hacked but how fast the lawsuits have been filed. I have already read about numerous lawsuits, some coming just hours after the hack was announced. For an insurance broker, making a case of why clients need cyber insurance is not a tough case to make, but there is another lesson that can be learned.
The vast majority of companies I speak with believe there is a very low risk that they will have a claim and I tend to agree with them, but that does not mean insurance will not be used. There is very little that prevents your company from being drawn into lawsuits, even if you were not negligent. Getting pulled into lawsuits costs money, possibly a lot of money, even if you are eventually proven innocent. This is why insurance is important, if the allegation is a covered claim then your insurance policy should be paying to defend you.
There are a couple of things to be cognizant of when it comes to the insurance company defending you.
- It could erode your limits of insurance, meaning you won’t have as much insurance to pay claims.
- The insurance company may have the right to choose counsel and decide how to defend the lawsuit. For example, they could decide to settle the claim against your wishes.
- The amount you spend on defense may not start reducing your deductible/retention until you have put the carrier on notice.
- Most policies have some sort of provisions on when you need to provide notice to the carrier which if not followed could jeopardize coverage.
These are just a few things that you want to pay attention to when you are served with a lawsuit. The important thing to remember is that you should make the carrier aware of the claim sooner rather than later, even if you don’t think the lawsuit is going anywhere. I have seen some desperate plaintiffs drag lawsuits on for a long time making even groundless lawsuits quite expensive.