Sharp increases in ransomware and other malicious cyberattacks are leading more companies to consider purchasing cyber insurance. However, the same market forces are making it more difficult to acquire such protection.
Every state in the U.S. has data breach notification laws. In Delaware, for example, if a breach requires a certain number of residents to be notified, the organization must also provide notice to the attorney general. Some states require organizations to provide credit monitoring services to those affected by a breach of financial data.