According to Willis Towers Watson’s 2018 Management Liability (Directors and Officers) U.S. Survey, the top D&O risks “in the coming year” include cyber incident/cyber claims (80%), claims by employees (55%), and regulatory and enforcement risks (48%). This means that cybersecurity is the top directors and officers (D&O) liability concern for organizations today.
As we have mentioned in previous blogs, cyber attacks are becoming more and more common for everyone – big corporations, small businesses, and even entire cities.
Cyber insurance plays a critical role in managing direct cyber insecurity risk, but current cyber insurance does not reach indirect risks traditionally addressed under D&O insurance. This leaves unanswered the question of how well will D&O insurance respond if liability for cyber insecurity reaches the boards of directors.
Yahoo! Data Breach Settlement
You may be familiar with the historic Yahoo! data breach that began in August 2013 and affected every single Yahoo account. In January 2019, Yahoo! paid a total of $29 million to its shareholders to settle a lawsuit against several former directors and officers. This lawsuit alleged that their poor management of the company led to the data breaches (which impacted the company’s value). The $29 million settlement includes $18 million in damages to the company’s shareholders plus $11 million for their legal fees.
Explaining Directors and Officers Insurance
So, who needs D&O Insurance? It’s not just for big, publicly traded companies with shareholders: any company or nonprofit with a board of directors helping run operations is at risk. Your board can be personally sued over their performance as board members or management of company affairs with lawsuits from employees, customers, investors and others. Without D&O, your board members would be personally at risk. That’s a risk many won’t take, especially in New York where lawsuit demands can be higher. D&O coverage can director and officers of for-profit businesses, nonprofits, privately held firms, and educational institutions.
D&O Coverage Quick Facts
There is no one standard D&O policy, each carrier has different forms. Your best bet is to rely on an experienced broker, such as HCP, to be sure you have proper coverage and limits and the right blend of risk tolerances versus cost. D&O policies:
- Contain “shrinking limits” provisions, meaning that defense costs—which are often a substantial part of a claim—reduce the policy’s limits. This is different than general liability where defense is covered in addition to the policy limits.
- Are written on a claims-made basis.
- Usually contain no explicit duty to defend the insured (when covering for-profit businesses).
- Cover monetary damages but exclude bodily injury and property damage.