BreachExchange mailing list archives
Cyber insurance protects against data breach damage
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 23 Apr 2014 18:47:18 -0600
http://www.tennessean.com/story/money/2014/04/21/cyber-insurance-protects-data-breach-damage/7988477/ Cyber insurance may evoke ideas of science fiction, but for businesses, the risk associated with data breaches is very real. Many owners of small- to mid-sized companies who possess sensitive data, such as customer credit or bank account information, Social Security and drivers’ license numbers or personal medical information, likely believe the security steps they’ve taken to protect that data means they are covered in the event of a breach. That’s not a sure thing. For many businesses, the cloud provides cost-effective IT solutions and allows for innovative capabilities. But using cloud-based solutions does not change your responsibility for securing your customers’ and employees’ data. Regardless of where you store data, all it takes is one mistake by an employee, unauthorized access by a former employee, theft of a company laptop or mobile device or a system breach by a skilled hacker, and your company could suddenly face significant legal and financial challenges. That’s why combining cyber insurance with strong data security practices should be the core of any business plan. Like any insurance policy, coverage must address the specific needs of your business. Generally there are two categories of coverage: 1. Third-party cyber liability protects in the event a claim is brought by a customer or partner for a data breach that your business actions or negligence allowed. It would protect against: • Judgments, civil awards or settlements where one is found legally obligated to pay after a data breach. • Electronic media liability resulting from an infringement of copyright, domain name, trade name, service mark or slogan on an intranet or Internet site. • Employee privacy liability due to disclosure of personal information. 2. First-party cyber-crime expense, which provides financial compensation to help address immediate customer and business needs that could include: • Legal and forensic services to determine whether a breach occurred and assist with regulatory compliance if a breach is verified. • Notification of affected customers and employees, including costs such as letter preparation and mailing. • Customer credit monitoring, as well as monitoring of fraud, public records and other information as needed. • Crisis management and public relations to educate customers about the breach and rebuild your company’s reputation. • Business interruption expenses to cover costs for additional staff, equipment, third-party services and additional labor arising from a covered claim. A number of factors, led by the type of business you conduct, contribute to determining premium costs. If you are an e-commerce company or retailer doing online transactions and storing data such as credit card information, you are considered a higher risk for data breach and subject to higher premiums. Medical-related data such as birth information, Social Security numbers and medical records are also high risk. It’s important to review business coverage needs each year with your insurance adviser to understand how your security risks are addressed in order to identify areas where cyber insurance can address exposures that may be excluded from your current policies. No two businesses are the same when it comes to cyber risks. Therefore it is important to understand the cyber risks your business faces to ensure your insurance program is designed properly.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- Cyber insurance protects against data breach damage Audrey McNeil (Apr 24)