More Midsize Businesses Purchasing Cybersecurity Insurance Policies

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://midsizeinsider.com/en-us/article/more-midsize-businesses-purchasing-cyber#.VEmFa_nF-So

A data breach can be extremely damaging to a midsize business, with
resulting costs potentially in the hundreds of thousands — if not millions
— of dollars, depending on how many records are compromised. It is an
expense that many midsize businesses cannot afford, forcing many to close
after an attack.

With the number of data breaches increasing each year and the frequency of
attacks targeting midsize businesses on the rise, it is not surprising that
more and more companies are turning to cybersecurity insurance policies.

Under Attack

The Washington Post reports that more than 3,000 American businesses were
victims of hackers over the past year, and many of them were small and
midsize firms. There are also data risks from lost or stolen mobile
devices, or from disgruntled insiders who can cause network damage or leak
sensitive information.

Greater Sophistication

Cybersecurity insurance policies have been around for two decades, but they
have been evolving to meet the ever-changing needs of cybersecurity.
Originally, these policies pertained to things like protecting websites and
liabilities involving e-commerce. Today, cybersecurity insurance is a
billion-dollar industry and growing.

"As protective technology becomes more sophisticated, hackers' methods are
following suit. Unlike tornadoes and earthquakes, where risks can be
calculated, experts say there's little experience on when — and how —
cyberattacks will hit," the Washington Post states.

Why the Need

Cybersecurity insurance policies not only help save the midsize business
after a data breach, but they also protect the IT department. Cybersecurity
is now so complicated that IT needs all the support it can get, and it
cannot be assumed that IT staff can successfully manage every potential
security issue. Even large corporations that have the financial resources
to invest in security professionals and multiple layers of security
applications and systems cannot handle it on their own, let alone midsize
businesses that do not have trained security professionals on staff and who
are asking a small IT staff to handle security on top of their day-to-day
duties.

Cyberattacks are not covered under other types of insurance policies, so
having an insurance policy that specifically protects business interests in
case of a security breakdown is the only way to guarantee the situation is
covered.

Too often, a midsize business's interest in purchasing insurance arises too
late, coming after the breach has already occurred. Instead, cybersecurity
insurance should be part of the overall cybersecurity plan, an added layer
that provides financial protection to keep the company running smoothly
after an attack.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!