Yahoo Data Breach Settlement Highlights Importance of Data Security and Cyber Liability

Yahoo Data Breach Settlement Highlights Importance of Data Security and Cyber Liability

An inconvenient truth. That’s how a growing number of us view data security breaches. There are victims and soon-to-be-victims. However, despite the seemingly endless stream of data breaches, organizations cannot afford to take a passive approach to data security and cyber threats. Just ask Yahoo!

In 2016, Yahoo announced two separate data breaches that exposed personal information of more than 1.5 billion users. At the time, Verizon Communications was in the process of buying Yahoo’s core Internet businesses. Upon learning of the data breaches, Verizon sliced $350 million off the purchase price. Then, in early March 2018, Yahoo agreed to pay $80 million to settle a breach-related securities class action lawsuit.

Data breaches have become much more than an inconvenient truth in the business world. They are a very costly reality. Fortunately, a growing number of businesses are realizing that if they don’t adapt today, they may not be around tomorrow.

Microsoft participated in a 2018 Global Cyber Risk Perception Survey that found most organizations now rank cybersecurity among their highest risk management priorities. Companies of all sizes have started to estimate the financial impact of a cyber event. According to the survey, organizations were most concerned about:

Business Interruption
Reputational Damage
Breach of Customer Information
Data / Software Damage
Extortion / Ransomware
Liability to Third Parties
Disruption / Interruption of Systems
Loss / Theft of Intellectual Property
Organizations that conducted the following cybersecurity activities were more confident in their ability to manage cyber risk.

Cybersecurity assessments
Penetration testing
Benchmarking (peers / industry-wide)
Modeling potential cyber loss scenarios
Phishing awareness training for employees
Encryption and multi-factor authentication
Reduced external system connectivity
Improved vulnerability and patch management
The survey also revealed that organizations are more confident in their ability to understand and assess cyber risk than their ability to mitigate or respond to it. Perhaps this explains why cyber liability insurance continues to play an important role in protecting against cyber liabilities. According to the survey, organizations:

increased coverage limits under existing cyber liability insurance policies;
re-structured existing cyber liability policies; or
purchased broader cyber liability insurance coverage.
Please contact us if you would like more information about insurance specifically designed to protect against cyber threats.

To receive regular insurance and risk management informational updates, please subscribe to our newsletter.