Case:

An employee at a small architecture firm receives an email from a reputable outdoor gear provider announcing a 2-day sale opportunity. The employee clicks the link at the top of the email without realizing that the sender of the email is not actually affiliated with the outdoor sports brand. The link leads nowhere, and the employee deletes the email thinking nothing of it. Unbeknownst to the employee, they have just compromised their network by downloading infected software.

The inadvertent download has allowed a destructive malware virus to spread to many other files housed on the insured's computer network. A few days later, the principal of the firm accesses project information stored on the network and sends an attachment off to their client. The client downloads the attachment, allowing the malware to spread to the client's computer system and resulting in widespread loss of data and a computer network shutdown.

Risk Assessment:

The client sues the insured for $1,000,000 for transmitting the malware seeking damages for the lost data and economic loss caused by the network shutdown.

Resolution:

$125,000 for computer forensic fees, $75,000 for defense costs, and $125,000 for settlement costs.

#Architects #Engineers #CyberLiability