Cyber liability must have for businesses

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://mdjonline.com/view/full_story/25154659/article-Cyber-liability-must-have-for-businesses

Business insurance is a boring but necessary element to any business. Yet
knowing there have been more than half a billion data breaches in the past
nine years, business owners may want to take notice. That number is no
joke. The Identity Theft Resource Center reports 630,432,294 individual
names, plus personally identifiable information, have been put at risk
between 2005 and May 2014. Last year alone, Facebook, Twitter, Apple,
Microsoft, Evernote, Vodafone, Adobe, Nordstrom and Target all reported
security breaches, including credit card skimmers, stolen financial records
and malicious software.

Even small business owners are at risk. In 2012, 31 percent of cases
investigated were from organizations with fewer than 100 employees. Privacy
and security risks are generally excluded from general business liability
policies. To protect your business, it is extremely important to have a
risk management plan in place to keep client records safe from inside and
outside intrusions. Even with the most sophisticated data management plan
in place, every business is a target. For this reason, cyber liability
coverage can help guard a business from exposures, including security
breaches, mistakes and unauthorized employee acts, virus attacks, hacking,
identity theft or private information loss and infringing or disparaging
content.

Cyber liability policies provide businesses protection to both first-party
and third-party exposures arising from Internet communications, e-business,
networks and informational assets. First-party exposures include a
company’s liability for holding private customer information, such as
credit cards, Social Security numbers and medical history. Third-party
risks extend to a company’s clients who enter their personal information on
the company’s website.

As an example, medical records are one of the most popular targets for
criminals, because there is a substantial profit that can be made on the
black market, as well as the difficulty in prosecuting the perpetrators.
One study has shown patient record breaches soared 137.7 percent from 2012
to 2013, indicating cyber liability coverage is crucial. Other risks for
businesses include the introduction of a virus to a client’s system,
inadvertent release of confidential information, theft of intellectual
property and faulty web design.

Cyber liability policies are continuously evolving as the business world’s
dependence on the Internet and information infrastructures increases.
Generally, the policies cover a wide range of risk areas because one email
virus can set off a chain reaction and disrupt business for several days.
Not only do cyber liability policies cover the cost of compromised data,
they can also provide for the cost of data recovery after an information
technology disaster. Ponemon Institute’s 2013 Cost of Data Breach Study
reports the average cost for a data breach in the United States is $188 per
record.

Cyber liability policies work in concert with other business insurance
policies by minimizing overall business risk. Many small- and mid-sized
businesses are underinsured in this area, as many business owners are
unaware of the risks involved. Policy costs are generally based on the
revenue of the business and the extent of the business’s risk exposure.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!