Friday, September 6, 2013

Cyber Insurance Continued

Cyber Insurance Continued


By Shawn McDonald

Let’s talk briefly about what cyber risks are and how they can affect your computer systems and your business.  When I think of a hacker my mind conjures up an image of an antisocial genius staring at the glow of a monitor in a poorly lit room cluttered with computer hardware.  The fact is that hackers have spread across the world.  Some are thrill seekers, some have political or personal agendas, some are criminals looking to score big bucks, and others work for nation states for political purposes.  Hackers and hacking have changed the way businesses large and small as well as insurance companies across the globe run their organizations. 

The largest risk business owners face by hackers is the loss of private information.  This includes customer information like credit card data, social security numbers, and medical records to name a few.  Also at risk are company records like employee information, trade secrets, and other proprietary information.

A Symantec study states that 60% of all companies that experience a data breach file for bankruptcy.  The average cost per lost record is between $180 and $214 per record.  If your company has only 10,000 records compromised in a data breach the cost of this loss is going to be between $1,800,000 and $2,140,000!  Many businesses have 30,000, 50,000, 100,000 or more records stored in their computer systems.  It is easy to see how a data loss incident can balloon into a huge financial loss.

Hacking is the most recognizable and expensive cause of data loss but it is not the most common.  Simple human error accounts for the majority of data breaches.  A 2011 study by the Global Ponemon Institute stated that:

39% of data breach cases are from human error such as loosing laptops or flash drives.

37% are malicious and criminal attacks.

24% are system glitches, such as software updates which inadvertently expose sensitive private files.

Regardless of how sophisticated your security system may be little can be done to completely eliminate the risk of human error.

Thank you for reading.


To be continued soon…….

Thursday, August 29, 2013

Cyber insurance has received a lot of attention lately and I would like to share some information about what exactly cyber insurance is, a little about the history of the industry, as well as how it may be important to your business.  I am going to break this information into a few blog posts for ease of readability.

Cyber insurance policies have been available since the 1980s; however, coverage was provided only to banks and large companies.  As the 1990s rolled around cyber coverage was more common but industry wide only a few policy holders made claims.  When the Y2K scare approached insurance carriers began to see how interconnected our lives and businesses are and how we had grown dependent on computer technology.  At that time insurance companies began excluding most cyber risks from their general policies.

When a person or business purchases an insurance policy he or she is transferring the type of risk listed on the policy to the insurance company in exchange for payment of the policy premium.  The purchase of insurance is only one method of risk management.  In the case of cyber insurance all insurance companies require that companies purchasing the insurance avoid and reduce their cyber risks with a properly implemented and maintained IT security plan.  Insurance companies want companies to do their part to manage the risks and make sure they are not easy targets.


Will continue soon…..