Cyber Liability | Protection from Data Breach
Has your company experienced a cyber liability breach? At best, the answer might be "not yet," and the exposure is excluded on a standard policy.
One man managed to hack into NASA and the Pentagon because he wanted proof of a UFO cover-up. Do you think a group of thieves looking for money will have trouble getting into your network?
The reality is that security experts believe that every company has or will be hacked. Small companies often think, why would hackers bother with us? They often have low security, substantial assets, little ability to research who did it or the influence to do anything about it. A better question is - why would they bother going after a big company?
This type of loss could also be as simple as a lost laptop or cell phone with personal information on it. Claims have been filed even after the lost laptop is recovered.
Many people have a third party that handles their data. Even in their hands, it is still your responsibility. Did you read your contract? Many say you have to defend them in the event of a lawsuit or limit their liability to a refund of your annual fee.
If you are hacked and personally identifiable information may have been exposed, the costs can be staggering. These may include forensic costs to figure out what was breached, notification costs, credit monitoring, lawsuits from those affected, regulatory fines and penalties. The bar for what qualifies as personal information is quite low.
The cost per customer record breached can vary. A 2012 Ponemon Institutes study put the average cost at $194 per record.
Just completing the application for this coverage can be a bit daunting. Insurance companies don't plan on covering a company without security practices any more than they would insure a jewelry store that keeps its diamonds in a shoe box. Even if you do not take the coverage, the application can give you a guide to some of the things you should be thinking about.