BreachExchange mailing list archives
Cyber Liability a Growing Threat to CPAs
From: audrey () riskbasedsecurity com (Audrey McNeil)
Date: Thu, 25 Feb 2016 18:35:56 -0700
http://www.accountingtoday.com/news/firm-profession/cyber-liability-a-growing-threat-to-cpas-77306-1.html Cyber liability has moved to the forefront of hazards facing the CPA profession, according to industry experts. âWeâve had the whole gamut of losses in the cyber area, including stolen or lost laptops that contained confidential client information,â said Bill Thompson, president of CPA Mutual. And CPAs are prime targets for hackers, he indicated. âWeâve had firms that have been hacked with ransomware and had to pay a ransom in order to get back access into their system,â he said. âI donât think that most CPAs are truly aware of the danger they face every single minute their servers are not protected properly, and they donât have password encrypted email service. If you were a thief and wanted financial information, who is better than CPA firms?â There has been a great deal of buzz about a variety of new enhancements being promoted by various insurance companies, according to Rickard Jorgensen, president and chief underwriting officer at Jorgensen & Company, a professional liability and risk management consulting firm. âMany of these new coverage features are a great leap in the right direction to provide affirmative coverage for CPAs and liability arising from web-based activities, hacking attacks or loss or theft of client-sensitive data,â he said. âMany insurers have offered legal liability from electronic media perils or client identity theft for a number of years. Coverage for breach notification and client credit record monitoringâoften described as first party coverageâis also a usual part of the coverage, and limits of up to $50,000 in costs are available.â Certain specialist professional liability agents have also made available to clients a specific cyber policy that can expand the range of coverage to include damage to network assets, cyber terrorism and cyber extortion, according to Jorgensen. âFor the average CPA, the most important additional coverage may be coverage for the expenses and monies resulting from cyber extortion,â he said. Cyber extortion occurs when a hacker breaks into a CPAâs computer network and installs a malicious computer code commonly known as ransomware. A threat is then made by the hacker that demands the CPA pay money or the hacker will release, divulge, disseminate, destroy or use the clientâs confidential information, or alternatively restrict access to the CPAâs computer system. Jorgensen cited an episode of âThe Good Wifeâ in which an overseas hacker attempted to blackmail a law firm into paying a ransom. âThe firm was able to prevail and catch the bad guys, but invariably this does not happen,â he said. Most professional liability policies donât provide coverage for cyber extortion, according to Jorgensen. âIt is a new and evolving coverage concept and insurers have yet to fully understand how to underwrite this risk. This is an innovative coverage feature of a professional liability policy.â Cyber liability is an area that tax preparers need to explore further with their insurers, according to both Thompson and Jorgensen. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160225/cac8cbd2/attachment-0001.html>
Current thread:
- Cyber Liability a Growing Threat to CPAs Audrey McNeil (Feb 25)