CLOSE X
RSS Feed LinkedIn Instagram Twitter Facebook
Search:
FMG Law Blog Line

Posts Tagged ‘Equifax’

Cyberrisks to Contractors and Securing Proper Coverage

Posted on: June 29th, 2018

By: Barry Brownstein

Increasingly sophisticated hackers have targeted personal and business data held by companies like Target Corp., Sony Corp., Equifax Inc. and Yahoo Inc. during the past decade. The construction industry is just as susceptible to these risks as any other industry.  As construction projects increase in size and there is more sharing of data related to buildings and projects, and as more of that sharing becomes electronic, cyberrisks increase as well.

Contractors and their business partners hold personal information about their clients and employees, and they are increasingly using more electronic means to exchange data and survey construction projects. A significant threat for companies in the construction industry comes from the open and increasingly connected network between those in charge of a project and their various subcontractors and business partners, who need swift and seamless access to plans and other sensitive data to do their part of the work.

Many companies in the construction industry assume that since they have policies that cover losses stemming from physical and property damage, any infiltration into their systems that result in the loss of access to sensitive information is covered by such insurance.  However, most commercial general liability policies carve out cyberthreats from coverage.  While contractors can still make claims under more traditional policies and may find that some of their losses are covered, relying solely on these protections may be dangerous and result in uncovered losses.

Specialized cyberinsurance can fill in the gaps left by commercial general liability policies that do not account for losses caused by damage to virtual information systems, and ensure that any damages, injuries or delay caused by downstream contractors or business partners are covered as well. Once policies are in place, contractors need to revisit them regularly to account for changes in the cyberthreat landscape as they relate to the construction industry.

If you have any questions or would like more information, please contact Barry Brownstein at [email protected].

Cybersecurity in Georgia Hits a Roadblock

Posted on: May 14th, 2018

By: Ze’eva Kushner

On May 8, 2018, Georgia’s Governor Nathan Deal made a controversial decision to veto a cybersecurity bill.  Issued in the wake of the massive data breach of Atlanta-based Equifax, among other data breaches across the country, the cybersecurity bill would have made logging into a computer without permission illegal, even if no information was stolen.  The recent ransomware attack on the City of Atlanta serves as a reminder of the potential significant costs of not having computer systems protected adequately.

However, the bill included multiple exemptions, one of which would have permitted individuals to engage in active defense measures aimed at preventing or detecting unauthorized computer access.  In the industry, this is often referred to as “hacking back.”  The defensive actions could have included techniques such as using beaconing technology to determine the location of a hacker or leaving one’s network to track down stolen data.  The legality of these cyber defense measures is murky.

Google and Microsoft both urged Governor Deal to veto the bill, explaining that the active defense exemption would have authorized the hacking of other networks and systems under the pretext of cybersecurity and potentially lead to anticompetitive behavior.  According to Governor Deal, the end result of the bill would have hurt organizations’ ability to secure their computer systems.

If you have any questions or would like more information, please contact Ze’eva Kushner at [email protected].