Ransomware, Cyber Insurance, and the GC's Role: Current Executive Order, Risks Related to Payment, FBI Guidance

Recording of a 90-minute CLE video webinar with Q&A


Conducted on Wednesday, September 28, 2022

Recorded event now available


This CLE course will discuss how general counsel can assist and address a company's risk when facing a ransomware attack. The panel will discuss the Executive Order issued in May 2021 by the Biden administration instituting tech standards for businesses acting as government contractors to limit potential ransomware attacks. The panel will advise when and how cyber insurance can be utilized and what risks still exist when payment is made, if that possibility even exists, in light of the attacks on Colonial Pipeline and SolarWinds.


Ransomware has become a multibillion-dollar criminal enterprise. Ransomware attacks can result in disrupted or even crippled operations, as seen in the massive ransomware attack against Kaseya by REvil or Colonial Pipeline by the Darkside group. As companies continue to enhance their security and restoration capabilities to prevent or minimize the impact of a successful attack, ransomware actors likewise continue to escalate threats and adapt their tactics to overcome these measures.

Whether or not a company makes a payment, the cost of lost business is the largest factor in the total cost of a data breach. Whether data is restored from backups or via a decryption tool, ransomware attacks typically involve significant downtime, and that downtime is increasing. Given the likelihood of downtime and the inherent uncertainty surrounding restoration following a ransomware incident, general counsel may be especially well served by incorporating a ransomware playbook into incident response plans, including consideration of whether to engage with the threat actor, whether to pay a ransom, how to evaluate the costs and value of a ransom, and the potential benefits and risks associated with paying a ransom.

The increasing frequency of ransomware attacks and rising amounts of ransom payments have placed renewed focus on the need for cyber insurance coverage. Some policies are unclear or ambiguous about their coverage of cybersecurity events, and other policies explicitly cover certain costs associated with cybersecurity events. Still, the unexpected severity of those events has contributed to industry-wide strain across insurers.

The Biden administration released a lengthy Executive Order on May 12, 2021, designed at least in part to respond to the supply chain risks associated with ransomware incidents. The Executive Order is broadly geared to address cybersecurity supply chain risk across the federal government. It is likely to create a series of digital safety standards with which federal agencies and their contractors will need to comply. These standards may include certifications of the integrity of their software, information systems, and vulnerability management provisions, with additional reporting requirements and penalties for violations.

Listen as our expert panel discusses the current upswing in ransomware attacks, what general counsel can do to assist a company in responding to these attacks, what types of cyber insurance are necessary, and how the Biden administration Executive Order--together with renewed FBI and other regulatory enforcement--will affect future attacks.



  1. Biden Executive Order
  2. Ransomware: overview, SolarWinds attack, Colonial Pipeline attack
  3. FBI and other government agency alerts
  4. Role and considerations of general counsel
    1. Payment of a ransom does not avoid other costs to the company
    2. Review of cyber insurance coverage
    3. Adjust your compliance program to the changing regulatory enforcement risks
  5. FBI success in Colonial Pipeline case and future enforcement actions


The panel will review these and other key topics:

  • What is the history of recent ransomware attacks on U.S. companies?
  • How can general counsel implement a ransomware contingency plan? When should payment be considered?
  • What issues with cyber insurance should counsel consider when assessing policies?
  • How is the Biden Executive Order impacting companies' ransomware preparedness policies?
  • How has the success of the FBI in recouping the Colonial Pipeline ransom affected future attacks?


Shardul Desai

Holland & Knight

Mr. Desai is a cybersecurity, data privacy, and white collar defense and government investigations attorney. He has...

Rachel V. Rose, JD, MBA

Rachel V. Rose – Attorney at Law

Ms. Rose is an attorney in Houston, Texas, whose primary practice areas are health care, with a focus on HIPAA and...

Elizabeth B. (Beth) Waller

Chair, Cybersecurity and Data Privacy Practice
Woods Rogers Vandeventer Black

Ms. Waller is a cybersecurity and data privacy attorney who uses her significant experience in technology to counsel...

Access Anytime, Anywhere

Strafford will process CLE credit for one person on each recording. All formats include course handouts.
