Cyber insurance can reduce impact of a data breach

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.azcentral.com/story/money/business/tech/2015/04/20/cyber-insurance-can-reduce-impact-data-breach/26069741/


Cyber insurance for your business might be worth the cost. It deserves a
good look because it educates on reducing risk, helps when a breach happens
and can be a competitive advantage.

In 2015, data breach events are once again on the rise. How your
organization, regardless of size, efficiently and compliantly manages a
breach incident response can be the difference between being the next
headline news story or going out of business.

As business owners and executives look for new ways to protect their
business risks and branding, cyber insurance is receiving more
consideration as a way to help you manage and respond, whether your data
breach is caused by outside hackers, your own employees, or vendor
relationships ranging from malicious intent to accidental release of
information.

The use of cyber insurance communicates to clients, prospects and vendors
that your business is serious about managing a data breach event and your
commitment to protecting customer and employee information.

Here are three tips to consider when reviewing the option of adding a cyber
insurance policy:

•Work with an insurance broker who understands cyber insurance. An
insurance broker who understands cyber insurance can help educate your
business on the different types of cyber insurance policies and validate
the need for a cyber-insurance policy. A broker can also help you
understand business interruption, legal liability, costs to investigate a
data breach, notification to victims and defend/settle class-action
lawsuits, including regulatory enforcement actions and fines.

•Data breach assessment. Your business needs to evaluate its overall risk
of experiencing a data breach and the type data you collect, store and
transmit.

Here are some questions to ask when considering cyber insurance: What type
of industry are you in? What is the type and volume of data that your
company collects, uses, stores, and transfers? What is the prominence of
your brand? Are your technology and information security and governance
best practices up to date? Are mobile devices an integral part of your
business? What are the total number of vendors and third-party contractors
with access to your company's sensitive data?

•Learn about cyber policy exclusions and endorsements. Not all cyber
insurance policies are created equal. Ask about retroactive coverage for
"prior, unknown data breaches." Ask about coverage that includes "loss of
data" versus only "theft of data." If your business acts as a vendor or
third party contractor for other businesses, ask about your cyber coverage
that includes liability to cover your business clients.

The reality is, the challenges of a data breach event can include complex
federal and state breach notification laws, and most small businesses lack
the financial and human resources to respond. Cyber insurance can support
your risk-management objectives.

Mark's Most Important: Take a look at cyber insurance before your business
is a data breach victim.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!