As cyber risks have taken the world by storm, a tremendous amount of attention has been given to the proper methods for responding to inevitable data breaches and cyber-related losses. However, at Cozen O’Connor we recognize that cleaning up the mess is only part of the job, so we do not stop there. Our CyberSubro℠ task force goes “beyond the breach” by investigating the cause of the cyber-related loss and pursuing responsible third parties for directly causing the loss or allowing it to happen on their watch. Potential targets can include a wide variety of entities including website or maintenance security vendors, network security designers, software/hardware manufacturers, data backup/cloud computing companies, as well as the hacked entity itself (including governmental entities).

The principles of property subrogation including early investigation, evidence preservation, expert analysis, and evaluation of industry standard breaches similarly apply to our CyberSubro℠ investigations. After a cyber-related loss, we work with insurers and their insureds to evaluate how the breach occurred and what evidence — be it corrupt hard drives, forensic screen images, or anything in between — needs to be preserved. We assist in retaining the appropriate forensic expert to further evaluate how the breach occurred and identify the entities who caused, could have prevented or limited the consequences of, the security breach. This includes identifying and understanding any applicable standards in the software industry, such as PABP (Payment Application Best Practices) in the point of sale industry or determining if a reasonable level of security was provided, including encryption, passwords, firewalls, system upgrades, and intrusion detection/protection systems. Our litigation-experienced subrogation attorneys also understand the impact contractual limitations can have on CyberSubro℠ recoveries and have navigated around these limitations. 

Our recoveries in CyberSubro℠ are not limited to carriers providing cyber-risk insurance policies. Property insurers also have instances of providing property coverage for cyber-related losses including replacement of computer and network equipment after a breach. We have handled recoveries against network security vendors for failing to adequately protect the insured’s system that resulted in the breach (and subsequent property damage from the breach). Additionally, we have handled recoveries against the insured’s vendors who installed programs on the insured’s network that provided a portal for the hacker’s access to the insured’s network and private information.  


The FDA’s New Guidance on Cybersecurity Risks for Medical Devices [Corporate Counsel]

March 03, 2016

Jillian Thornton Flax and Abby Sacunas, both members of Cozen O'Connor's Products Liability practice, discuss the FDA's new guidance on cybersecurity risks for medical devices in Corporate Counsel.

The Need to Take Cyber Threats Seriously in the World of Sports [World Sports Law Report]

November 01, 2015

Ryan Blaney and Jason Bonk review the need for proper cybersecurity measures, discuss an ongoing probe of two MLB franchises regarding a possible inter-team hacking scandal, and put forward a valuable list of items that every actor in the sports world should consider in order to mitigate the risk of privacy/cyber breaches.

Protecting Your Company From Privacy Breaches Begins Now [The Legal Intelligencer]

August 05, 2015

Jason Bonk and Calli Jo Padilla discuss the importance of implementing, enforcing and training on policies reflecting the best practices to protect companies against the increasing threat of cyberhacking and privacy breaches.

Events & Seminars

Past Events

Webinar: CyberSubro℠ II

September 29, 2016 - Webinar

2016 Section of Litigation Annual Conference

April 14, 2016 - Chicago, IL

In The News


David D. Brisco


(619) 685-1704

Matthew F. Noone


(215) 665-2192


Keep up-to-date with the latest news from Cozen O'Connor

Enter your City or Zip.

Probably shouldn't change this:
Sign up to receive alerts, publications, and event / webinar invites.

By submitting your contact information, you are giving Cozen O'Connor consent to contact you via email.