Cyber…The ‘Modern’ Threat!
Recent statistics show that in January 2020 alone, nearly 1.8 billion user records were leaked due to cyber-attacks, representing personal information and passwords for approximately 772 million people. It sounds scary, right? And what if I tell you that a recent study from the University of Maryland shows that hackers attack every 39 seconds, on average 2,244 times a day. What is most worrying is that those statistics were released prior to COVID. Unfortunately, cybercriminals have taken advantage of the COVID-19 pandemic, so we’ve started to see the number of companies and individuals affected by cyber-attacks continue to rise. As a matter of fact, the FBI recently reported that since the start of the coronavirus, cyber-attacks have increased by 300%.
There is no doubt that digital technology has transformed the way to do business today. Every business uses their own computer network, in addition to portable media devices, to send, receive and store sales projections, business strategies and any other information owned by the business, and the truth is that if any of this data is lost, damaged or stolen due to a cyber-attack, it could cost thousands of dollars just to restore or replace. On top of that, your computer network might also store sensitive data of others such as your vendors, clients, customers, and employees. If there is a cyber breach and such info is leaked or accessed by a hacker, you could be held liable for their damages, in addition to all the expenses your firm will need to incur to notify those impacted by your data breach as required by the law. Additionally, you will need to hire legal, public relations and computer forensics firms to help you investigate, handle and mitigate the loss and the possible impact to your business and brand. So, how can Cyber insurance protect you?
How Cyber Insurance Can Protect You
Cyber insurance can protect your business against costs associated with a data breach as it will cover legal defense, settlements, crisis management response expenses, including notification costs and credit monitoring, business interruption and extra expense, among other coverages. Here are some of the first-party, third-party and crime coverages you could find in a cyber policy:
- Cyber Breach Costs, including notification and credit monitoring costs arising from the theft of personal identifiable information of customer arising out of a cyber breach. It will also provide for reimbursement of fees and expenses for forensics consultants and public relation firms.
- Cyber Extortion Costs: Coverage for the investigation and settlement of a cyber-extortion threat.
- Data Restoration: Coverage for costs to replace, restore or recover digital information from written or electronic records due to their corruption, theft, or destruction caused by a cyber-attack.
- Business Interruption and Extra Expense covers income losses that might be sustained by your business and additional expenses you might incur to restore the operations following an interruption caused by a failure of security. Coverage is also available for business interruption from cyber events affecting your vendors (IT, cloud provider).
Third Party Coverages:
- Privacy or Network Security Liability costs incurred in the investigation and defense of the Insured, including monetary amounts the Insured is legally obligated to pay to others.
- Media Liability for online copyright infringement, libel, slander, plagiarism, and invasion of privacy as a result from your publication of electronic data on the internet (either on your webpage or social media).
- Regulatory Defense and Penalties: Protection for the insured in the event they are fined or penalized by a governing body (HIPAA).
- Payment Card Loss: Coverage in the event your business is fined or penalized by the Payment Card Industry.
- Social Engineering: Coverage when the insured suffers a loss of money because of a spear phishing scam which dupes an employee of the insured into wiring money to a third party.
- Telephone Fraud: Coverage for telephone service charges and fees incurred by the insured in the event of their telephone system being hacked by a third party.
The Future of Cyber Security
Steve Durbin, Management Director for the Information Security Forum, which is an organization with over 30 years of expertise on information security and risk management, recently said the following about the future of cyber security:
“By 2022, organizations will be plunged into crisis as merciless attackers exploit weaknesses in immature technologies and take advantage of an unprepared workforce. At the same time, natural forces will wreak havoc on infrastructure. Invasive technologies will be embraced across both industry and consumer markets, creating an increasingly tumultuous and unpredictable security environment.
Organizations will have to adapt quickly to survive when digital and physical worlds collide. Those that don’t will find themselves exposed to threats that will outpace and overwhelm them.”
As I was reflecting his thoughts, one of my favorites quotes by Sun Tzu came to my mind, “In the midst of chaos, there is also opportunity”. The COVID pandemic has taught us that our biggest line of defense against cyber-attacks should be a combination of: Equipment, Software & Education. Consistency and prevention work far better than reaction and improvisation. Therefore, it is the perfect timing to: (1) have a cyber discussion with your team, (2) review your security parameters in order to detect any vulnerabilities in your network; (3) establish, implement and review your cyber-incident response and business continuity strategies, (4) provide regular employee training and testing, and (4) start thinking about buying cyber insurance, or if you already do, it is a good opportunity to chat with your broker or agent about limits and coverages.
As the technology continues to evolve, the sophistication and ever-changing nature of cyber will continually challenge us in terms of cyber mitigation and prevention. However, there is no doubt that cyber insurance can give all of us some peace of mind.