SecureWorld Post: 4 Key Cyber Insurance Takeaways for Companies from Spec’s v. Hanover Lawsuit

In my latest post for SecureWorld, explain 4 key takeaways for businesses from the Spec’s v. Hanover lawsuit regarding cyber insurance. Check it out and let me know what you think:  4 Key Cyber Insurance Takeaways for Companies from Spec’s v. Hanover Lawsuit


Target Data Breach: What Has It Cost? What Has Insurance Covered?

Target, in a recent document filed with the Securities and Exchange Commission, provided updated information on the financial impact of its 2013 data breach:

  • It now estimates paying $264 million in breach-related costs, ranging from litigation claims to the expenses it experienced for fixing systems and sending out information at the time of the attack (previous estimate were $252 million)
  • About $90 million has been covered by ­Target’s insurers

Source: Target: SEC won’t penalize it over 2013 data breach –

Cyber Insurance: Social Engineering Not Covered Under “Computer Fraud” Insurance Provision

Losses stemming from social engineering scams like the business email compromise are not covered by “computer fraud” provisions of commercial crime insurance policies according to the Fifth Circuit Court of Appeals in Apache Corp. v. Great American Insurance Co. Continue reading “Cyber Insurance: Social Engineering Not Covered Under “Computer Fraud” Insurance Provision”

Why Lawyers Need to Understand Cyber Insurance for Their Clients

Texas Bar JournalCybersecurity, data breach, cyber attacks, and cyber insurance. Unless you live under a rock, you have heard of it. You better hope your lawyer has too!

Shawn Tuma argues that the minimum standard of care for lawyers practicing in 2015-16 requires a basic understanding of cyber insurance. He recently explained that argument, along with his co-author Katti Smith, a seasoned cyber insurance professional with AIG.

The Texas Bar Journal published their article, Risky Business: Why lawyers need to understand cyber insurance for their clients, in the December 2015 issue. In the article, they explain what cyber insurance is, what kinds of policies cover cyber liability, key first-party and third-party costs that should be covered by such a policy, as well as key items that are often not covered.

Go check it out and let them know what you think.


Shawn Tuma (@shawnetuma) is a business lawyer with an internationally recognized reputation in cybersecurity, computer fraud and data privacy law. He is a Cybersecurity & Data Protection Partner at Scheef & Stone, LLP, a full-service commercial law firm in Texas that represents businesses of all sizes throughout the United States and, through its Mackrell International network, around the world.