Cyber Liability Insurance is a coverage that many businesses have overlooked in the hopes of keeping costs down in tough market conditions. With the dramatic increase of highly publicized data breaches faced by major retailers, health insurance companies, and banks, cyber liability coverage is finally gaining the attention it deserves.
In today’s market many businesses focus on network security as a way to minimize the likelihood of a breach:
- Make sure that passwords are a certain length with special characters to make sure that they are difficult to replicate
- Firewalls are always up and running and constantly being monitored
- Limited account access by certain individuals at a company to ensure privacy
While all of these are important, businesses also need to look at some of the other unconventional ways a breach of information can occur. In an age where many businesses are encouraging employees to BYOD (Bring Your Own Device) the likelihood of a breach can increase, as you may have less management over the devices and the network access then you may have on a company owned device. Employees are using personal phones, tablets, and computers as primary work devices, which could allow other to access company information. 31% of employees in a Harris Interactive survey had admitted to connecting to their company’s network from unsecured free or public Wi-Fi. 46% have shared their personal device with others, opening the door to unintended access to corporate data. 33% say the company data they use and store is not encrypted.
Businesses also need to look at employee behaviors/negligence and how that can cause a breach. What would happen if an employee accidentally downloaded malware on their personal device with company information? What if an employee accidentally faxed or emailed confidential information to the wrong fax number or email address? Management and behaviors of staff can expand a data breach exposure.
There are two ways that a business can look at a cyber-liability/ data breach exposure. The first is the financial impact of a breach to the business. The financial impact of a security breach could cost your business hundreds of thousands or even millions of dollars, depending on the type of information that is being compromised. After factoring in financial losses from the breach combined with paying for continued credit monitoring expenses, associated claim costs can skyrocket. The second is the financial impact of a breach to the brand. When your clients (existing as well as potential) find out about the breach, will they continue to do business with you? Will they move on to another bank that they feel will do a better job of handling their account, financials, and their personal security? The loss of future business is a greater exposure to any business, stemming future growth. It is pivotal that you are able to ensure that your business has the appropriate coverage in place to not only deal with the financial impact of a breach in real time but also halt any future losses in the business moving forward with a controlled public relations response.
With potential lawsuits that can come in stemming from unauthorized access to personally identifiable information, alleging intellectual property, trademark or copyright infringement, and alleging invasion of privacy, slander, defamation or product disparagement, how would a Cyber Liability policy protect your business? Some of the coverages in a cyber-liability policy include coverage for:
- Regulatory Defense and Penalties
- Crisis Management and Public Relations
- PCI Fines
- Legal and Forensic Expenses
- Notification Expenses
- Media Content Liability
Many carriers also offer ancillary and risk management services including call center services, online data bases complete with information, webinars, disclaimers, and risk management tools. Given the rapidly changing insurance market, and potential exposures that business are seeing in today’s market place, Cyber Liability is the one of the largest exposures that businesses see today. It is imperative for businesses to manage these exposures through insurance programs and strict management techniques to minimize exposure and potential future losses to businesses.