25 Feb Data Security and Cyber Liability in 2015

Well, that didn’t take very long. On January 29, 2015, Anthem, one of the nation’s largest health insurers, discovered a data security breach involving up to 80 million current and former customers. According to Anthem, cyber attackers may have accessed names, dates of birth, Social Security and health care ID numbers, home and email addresses, and employment information, including income data.

Unfortunately, it doesn’t look like 2015 will bring some relief from the threat of data security breaches. In fact, many predict an increase in the frequency and severity of data breaches in the future. Those still not convinced that the threat is real should consider the following:

• The FTC estimates that the average time spent resolving a single identity theft is 400 hours. On average, businesses incur costs of nearly $200 per record affected by a breach of confidential information.
• 40% of all targeted cyber attacks are aimed at companies with less than 500 employees.
• 60% of small-to-medium businesses that suffer a data breach go out of business within 6 months after suffering the breach.
• 55% of U.S. small businesses (revenues below $10 million) have experienced at least 1 data breach involving electronic records (53% suffered multiple breaches).
• Failure of businesses to comply with privacy laws may result in significant fines and penalties and the potential for claims/suits from third parties and employees. Businesses that accept credit or debit cards are subject to fines and penalties for violations of Payment Card Industries Data Security Standards (PCI DSS).

Given theses risks, organizations must take preventative measures to prevent data security breaches. For example, steps can be taken to limit the risks created by laptop computers, copy machines and wireless networks. However, since cyber criminals always seem to be one step ahead of even the most current security protocols, Cyber Liability Insurance is quickly becoming a critical tool for many organizations to protect against data security breaches.

According to industry analysts, spending on data breach and cyber liability insurance nearly doubled in 2014. This is because many organizations are realizing that their standard insurance policies do not provide the coverage they need. Exclusions commonly found in General Liability, Crime, Professional, Directors & Officers, and Property insurance policies either prevent coverage for cyber claims altogether, or at best, leave significant gaps in coverage.

Unlike traditional commercial insurance policies, Cyber Liability and Security Breach (Cyber Perils) Insurance policies can cover:

• Defense and liability
• Notification expenses
• Crisis management expenses (public relations, advertising)
• Credit monitoring services
• Forensic and investigation expenses
• Loss prevention services

The right Cyber Perils coverage can help organizations survive the data breach epidemic. The key is to find a policy that meets organizational needs without paying for unnecessary coverages. Since the complexity and relative novelty of this kind of insurance makes it difficult to evaluate and compare the various options, an experienced insurance agent should be consulted to find coverage that is both adequate and affordable.

If you would like to learn more about insuring against cyber risks, contact us.

If you would like to subscribe to our newsletters please click here.