• Mehr als 3 Millionen Wörter Inhalt
  • |
  • info@itmedialaw.com
  • |
  • Tel: 03322 5078053
Rechtsanwalt Marian Härtel - ITMediaLaw

No products in the cart.

  • en English
  • de Deutsch
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Kurzberatung
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Rechtsanwalt Marian Härtel - ITMediaLaw

Cyber insurance refuses to pay benefits after hacker attack due to false information

18. June 2024
in Other
Reading Time: 3 mins read
0 0
A A
0
d18d1e1d82c0cecc1bcb94866a5316f4
Key Facts
  • Kiel Regional Court ruled that cyber insurance is exempt from payment due to false information in the application.
  • The timber wholesaler had declared insufficient IT security despite providing false information in the insurance application.
  • Important systems were equipped with outdated operating systems and without virus protection, which led to a hacker attack.
  • The IT manager >must have recognized the security flaws and could have checked them, which was considered malice.
  • The ruling emphasizes the importance of correct answers to risk questions in cyber insurance policies.
  • External security experts can help to objectively assess the IT security situation and mitigate risks.
  • The ruling reminds companies to take their IT security seriously and not just rely on insurance cover.

In a ruling dated 23.05.2024 (Ref. 5 O 128/21), the Regional Court of Kiel ruled that a cyber insurance policy is exempt from payment due to false information in the insurance application. The insurer had contested the contract on the grounds of fraudulent misrepresentation after the insured company, a timber wholesaler, suffered a hacker attack resulting in significant damage.

Content Hide
1. Inadequate IT security despite information to the contrary
2. Fraudulent misrepresentation leads to exemption from benefits
3. Significance for companies and insurance companies
3.1. Author: Marian Härtel

Inadequate IT security despite information to the contrary

In this case, when taking out cyber insurance in 2020, the timber wholesaler had stated, among other things, that all work computers were equipped with up-to-date malware detection and that available security updates were carried out without culpable hesitation. However, there were actually several servers in use with outdated, insecure operating systems for which updates were no longer available. The employee responsible for IT at the timber wholesaler stated during the trial that he had “deliberately overlooked” the systems in question when answering the risk questions. These were not subordinate computers, but servers with central functions for operations. An unprotected server with an outdated Windows system served as a connection between the web store and the company’s merchandise management system. For companies with complex IT systems in particular, it can make sense to commission external security experts to carry out an objective review of the system landscape. An external perspective often makes it easier to identify weaknesses than internal employees, who may be blind to the company’s operations or do not have an overview of all areas due to time constraints. Such a security analysis can also help to correctly present IT security to insurers and avoid unpleasant surprises in the event of a claim.

Fraudulent misrepresentation leads to exemption from benefits

The court considered the false information to be fraudulent misrepresentation on the part of the insurer, as the questions were answered incorrectly “in the blue”. The responsible IT manager could and should have recognized the security deficiencies. Due to the fraudulent misrepresentation, the insurance contract was null and void so that the insurer did not have to pay out. the decisive factor for the court’s assessment was that the inadequately protected systems had central functions in the company. The outdated Windows server was essential as a connection between the web store and merchandise management. The domain controller for managing access rights in the network was also still in an insecure delivery state. In the case of such important systems, the court could not believe that their security deficiencies had remained hidden from the IT manager, who, according to an expert witness, could have quickly checked that the virus protection and security updates were up-to-date by looking at the administration consoles. The fact that he had failed to do so before answering the risk questions was considered by the court to be an indication of fraudulent intent. Especially when taking out cyber insurance, the person responsible must be aware of how important the insurer takes the information on IT security.

Significance for companies and insurance companies

The ruling shows how important it is to answer risk questions correctly for cyber insurance policies. Companies must ensure that their IT security standards correspond to the information in insurance applications in order to be covered in the event of a claim. False statements, even if they are only made negligently, can lead to the insurer being released from its obligation to indemnify, and it can make sense for larger companies with complex IT systems in particular to have the risk questions answered by external security experts. This allows the actual security situation to be assessed objectively and presented correctly. It is also advisable to have penetration tests and vulnerability analyses carried out by specialized service providers at regular intervals in order to improve IT security overall. For insurers, the decision means that they can invoke fraudulent misrepresentation as a “sharp sword” if false statements can be proven. In view of the increasing threat of cybercrime, many insurers are likely to revise and specify their risk questions in order to avoid disputes and limit their exposure. Overall, the judgment of the Regional Court of Kiel is to be welcomed, as it underlines the importance of a truthful risk declaration and enables insurers to keep their liability risk calculable. It reminds companies to take their IT security seriously and not to rely solely on insurance cover. Because even with a cyber policy, prevention is better than cure.

Marian Härtel
Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.

Tags: DomainEmployeesIT SecurityJudgmentServerSicherheit

Weitere spannende Blogposts

Gamertag/Nickname “stolen”, what can be done?

Gamertag/Nickname “stolen”, what can be done?
15. October 2019

The problem with stolen gamertags In recent months, more and more clients, especially well-known streamers, have approached me because their...

Read moreDetails

Triangular relationships in influencer marketing: Exciting aspects from Offenburg Regional Court

Triangular relationships in influencer marketing: Exciting aspects from Offenburg Regional Court
17. February 2024

In my legal practice in the areas of copyright law, competition law and IT law, I regularly advise management of...

Read moreDetails

SEO and law – a balancing act between visibility and security

img LkyqWNCTGcprds9IuQPTVGz9
21. November 2023

As a lawyer specializing in IT law, copyright law and competition law, I face the challenges that arise at the...

Read moreDetails

Security precautions for e-mail traffic – Karlsruhe Higher Regional Court specifies requirements

Bad evaluation in online portal: Author must be able to prove facts
10. August 2023

In a ruling published on July 27, 2023 (19 U 83/22), the Karlsruhe Higher Regional Court addressed the question of...

Read moreDetails

YouTube/Twitch and swastikas in streams/videos?

Abusive warnings are punishable by law
29. July 2019

Currently, there is a persistent discussion about whether videos from the game "Wolfenstein: Youngblood" can be shown in the English...

Read moreDetails

Is the NetzDG permissible? ECJ with an exciting decision

Lego brick still protected as a design patent
15. November 2023

The ECJ has made an exciting decision that could also be relevant for the NetzDG, which applies to Instagram or...

Read moreDetails

More consumer protection when buying apps and software

More consumer protection when buying apps and software
7. November 2022

On November 3, 2020, the Federal Ministry of Justice and Consumer Protection presented drafts for the implementation of the Digital...

Read moreDetails

Advocate General at the ECJ on the admissibility of cheat software

Lego brick still protected as a design patent
14. June 2024

Advocate General at the ECJ on the admissibility of cheat software For many years, I had the opportunity to accompany...

Read moreDetails

LG Koblenz: Inadmissible demand for confirmation of termination by telephone

LG Koblenz: Inadmissible demand for confirmation of termination by telephone
21. March 2024

Insight into the decision of the Koblenz Regional Court In its judgment of 27.02.2024 (Ref.: 11 O 12/23), the Regional...

Read moreDetails
shelf company

Partnership

25. June 2023

Introduction Partnerships are a form of business organization in which two or more people jointly operate a business with the...

Read moreDetails
Cryptovalue

Cryptovalue

30. June 2023
projekt gesellschaft projekt gmbh

Project Company / Project GmbH

26. June 2023
Trade custom

Trade custom

1. July 2023
Challenge

Challenge

16. October 2024

Podcast Folgen

Globale Herausforderungen für Startups – Ein rechtlicher Leitfaden

Globale Herausforderungen für Startups – Ein rechtlicher Leitfaden

2. October 2024

Dieser informative Podcast bietet einen umfassenden Einblick in die rechtlichen Herausforderungen, denen sich Startups bei ihrer internationalen Expansion gegenübersehen. Der...

Web3, Blockchain und Recht – Eine kritische Bestandsaufnahme

Web3, Blockchain und Recht – Eine kritische Bestandsaufnahme

25. September 2024

  In dieser aufschlussreichen Episode des ITmedialaw-Podcasts wird ein tiefgehender Blick auf die Schnittstelle von Web3, Blockchain-Technologie und Recht geworfen....

Legal challenges when implementing confidential computing: data protection and encryption in the cloud

Smart Contracts und Blockchain

22. December 2024

In dieser fesselnden Podcast-Episode tauch ich tief in die Welt der Blockchain-Technologie und Smart Contracts ein. Die 25-minütige Folge beleuchtet,...

“Digitales Recht Entschlüsselt” mit Rechtsanwalt Marian Härtel

“Digitales Recht Entschlüsselt” mit Rechtsanwalt Marian Härtel

25. September 2024

In diesem spannenden 30-minütigen Podcast entschlüsselt Rechtsanwalt Marian Härtel die komplexe Welt des digitalen Rechts für Selbstständige, Startups und Solopreneure....

  • Privacy policy
  • Imprint
  • Contact
  • About lawyer Marian Härtel
Marian Härtel, Rathenaustr. 58a, 14612 Falkensee, info@itmedialaw.com

Marian Härtel - Rechtsanwalt für IT-Recht, Medienrecht und Startups, mit einem Fokus auf innovative Geschäftsmodelle, Games, KI und Finanzierungsberatung.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
  • en English
  • de Deutsch
Kostenlose Kurzberatung