“Data breach? It only happens to big companies… It will never happen to me… My credit card processing vendor provides protection anyway…. I’m covered…. I don’t need to pay for even more insurance…”
Employee Allegedly Sold “bags of reservation documents” to Identity Thieves
Did you see this recent headline? If not check out the scary story here. This happened right here in Central Florida.
Ever heard the phrase ‘famous last words’? If not, you just read them above. Data breach and cyber security have become major problems facing business owners and individuals over the last decade. Getting caught in the trap of believing it won’t happen to you or that you have adequate protection without specific insurance coverage in place is often devastating. Businesses close, reputation and credit are ruined and recovery takes years if it happens at all.
Credit card vendors may offer a little bit of protection to businesses that contract with them, but the sheer cost of complying with federal and state data privacy laws would use up that safeguard at least ten times over. A data breach, as legally defined, can be something as simple as a single piece of paper blowing away in the wind with sensitive information on it. There is then a complicated process of notifying all persons in the database effected by U.S. Mail, offering them credit monitoring and managing the breach from a public relations standpoint. The average cost exceeds $200,000 and no business without Data Beach/Cyber Liability Insurance is prepared. The worst part is that the top two causes of breaches in the United States are lost/stolen laptops/cellphones and dishonest employees. The question isn’t if a business will have a data breach. Sadly, the question is when your business will have a data breach. Being prepared is critical and now a simple cost of doing business in the digital era.
Cyber security and Cyber Liability Insurance are another critical issue. Business systems are routinely hacked, used to route malware and vulnerable almost no matter what security measures are in place. Just take a look at recent high profile cyber attacks. They’re beginning to dot the news daily. Often, part of the same policy as Data Breach, Cyber Liability protects a business from the liability that is forced upon them if their site is used maliciously. That’s right – if a hacker uses your website/servers to launch an attack the law says that YOU are liable! Have you heard of a social engineering attack? Example: A hacker pretends to be with the CEO of a company and emails the accounting department to have funds transferred for an emergency.
According to a recent cyber risk survey, 48% of large companies and 32% of companies of all sizes have experienced 25 or more social engineering attacks in the past two years. And 30% of all victims of social engineering cite an average per-incident cost of more than $100,000 to locate, remediate and protect against further losses from a successful social engineering attack. – Property Casualty 360 – http://bit.ly/1D9wJJL
Again, without Data Beach/Cyber Liability Insurance, which includes public relations response no business is prepared.
Here is a great article on What Makes Florida’s Data Breach Law Unique. To briefly summarize the new law when a data breach occurs the targeted business has less time to notify customers and the definition of “sensitive information” has been expanded. What that means for you is that you will need additional resources to comply with the law in case of a breach, let cyber liability insurance be that helping hand.
Property Casualty 360’s new article, entitled “4 common but dangerous cyber threats and steps to address them” provide some scary statistics. Remember, there are a lot of things that your General Liability policy doesn’t cover. Just about everything involving cyber space and sensitive client data (SSN’s, credit cards, etc.) needs its own specific protection. Don’t be caught in defenseless mode!