Cyber Risks are Real, Protect Your Business

The federal Internet Crime Complaint Center received more than 330,000 complaints in 2009, and more than a third of them ended up in the hands of law enforcement. The damages from those referred to the authorities totaled more than a half billion dollars. The Government Accountability Office estimated that cyber crime cost U.S. organizations $67.2 billion in 2005; that number has likely increased since then. With so much of business today done electronically, organizations of all types are highly vulnerable to theft and corruption of their data. It is important for them to identify their loss exposures, possible loss scenarios, and prepare for them. Some of the questions they should ask include:

What types of property are vulnerable?

The organization should consider property it owns, leases, or property of others it has in its custody. Some examples:
  • Money, both the organization’s own funds and those it holds as a fiduciary for someone else

  • Customer or member lists containing personally identifiable information, account numbers, cell phone numbers, and other non-public information

  • Personnel records

  • Medical insurance records

  • Bank account information

  • Confidential memos and spreadsheets

  • E-mail

  • Software stored on web servers
Different types of property will be susceptible to various threats, such as embezzlement, extortion, viruses, and theft.

What loss scenarios could occur?

The organization needs to prepare for events such as:
  • A fire destroys large portions of the computer network, including the servers. Operations cease until the servers can be replaced and reloaded with data.

  • A computer virus infects a workstation. The user of that computer unknowingly spreads it to everyone in his workgroup, crippling the department during one of the year’s peak periods.

  • The accounting department discovers a pattern of irregular small funds transfers to an account no one has ever heard of. The transfers, which have been occurring for almost three months, were small enough to avoid attracting attention. They total more than $10,000.

  • A vendor’s employee strikes up a casual conversation at a worker’s cubicle and stays long enough to memorize the worker’s computer password, written on a post-it note stuck to her monitor. Two weeks later, technology staff discovers that an offsite computer has accessed the human resources database and viewed Social Security numbers, driver’s license numbers, and other personal information.
In addition to taking steps to prevent these things from happening, the organization should consider buying a Cyber insurance policy. Several insurance companies now offer this coverage; although no standard policy exists yet, the policies share some common features. They usually cover property or data damage or destruction, data protection and recovery, loss of income when a business must suspend operations due to data loss, extra expenses necessary to maintain operations following a data event, data theft, and extortion.

However, each company might define these coverages differently, so reviewing the terms and conditions of a particular policy is crucial. Choosing an appropriate amount of insurance is difficult because there is no easy way to measure the exposure in advance.

Consultation with the organization’s technology department, insurance agent and insurance company might be helpful. Finally, all policies will carry a deductible; the organization should select a deductible level that it can afford to pay and that will provide it with a meaningful discount on the premium. Once management has a thorough understanding of the coverages various policies provide in relation to the organization’s exposures, it can fairly compare the costs of the policies and make an informed choice.

Computer networks are a necessary part of any organization’s environment today. Loss prevention and reduction techniques, coupled with sound insurance protection at a reasonable cost, will enable an organization to get through a cyber loss event.
Need insurance for You, Your Family or Your Business?
We can match you to a qualified, local insurance expert!
Further Reading
You spend much time together, and share the burden of difficult decision making. But it's not your spouse - it's your business partner. Your business partner is a tremendous asset to your company. So, how do you protect your business in the event of ...
You set the security alarm every night on your way home. You double-check the window locks and turn the deadbolt on the back door. You place your cash and valuables in the safe. Before turning out the lights, you start the backup routine on your comp...
PROTECT YOUR BUSINESS AGAINST CYBER LIABILITY Cyber crime struck more than four in 10 (43%) U.S. businesses in 2009 according to the Computer Security Institute’s Computer Crime and Security Survey. The number of data security breaches in companie...
Most new business owners are concerned that everything is favorable for the success and safety of their business, which includes obtaining the protection of business insurance. However, longevity and success can cause complacency. Let's say you star...
Every company has one or more "key employees" (whether it's an outstanding manager, a superstar salesperson, or a technological whiz) whose contributions are essential to the business. If one of these key people were to die, the impact on your operat...