Whether you’re a small business owner or an executive at a large corporation, you are probably aware that your business is at risk of a data breach, regardless of size, industry, or track record.
Hackers and cyberthieves know that if a company is using any kind of technology, it is likely very easy to “break in” to the business and steal sensitive information. Just look at what has happened recently to companies like Sony and Citibank.
The recent attacks on Sony’s PlayStation Network and Sony Online Entertainment will result in a $170 million hit to its operating profits. The data breach exposed user names, passwords, and addresses from more than 100 million accounts.
The costs of a data breach for a smaller company can be equally staggering. Small- and medium-sized businesses suffer an average loss of nearly $200,000 per attack.
The U.S. government has previously advised businesses to do more to safeguard their computer systems – and their customers’ personal data. According to a Comcast survey, 80% of adults are concerned about their personal information being stolen by a cyber criminal in a network attack. And a 2010 Javelin Strategy and Research report found identity theft and fraud affected more than eight million Americans at a cost of more than $37 billion dollars.
Does Insurance Protect You and Your Customers?
So what can you do to protect you, your company, and your customers from that sort of financial ruin?
Do you know whether your current business insurance policy — or that of your boss – covers you if you pass along a virus or other type of malware, even unknowingly? What if you are accused of libeling another company in a blog, email, or on a social media network?
That’s one of the reasons insurance companies have gotten into the game. For example, Travelers Bond & Financial Products, an insurance company based in Hartford, CT, is now offering a product called CyberRisk.
“The risks go far beyond a single hacker accessing information. From dealing with information leaks to meeting expenses associated with crisis management, business owners need to be prepared to manage their cyber liability,” says Jason Glasgow, a CyberRisk product manager.
Travelers’ CyberRisk policy will address exposures and the ripple effects associated with a cyber-related event, including things like information-security liability, communications and media liability, crisis-management event expenses, computer fraud, e-commerce extortion, and additional expenses.
But Travelers is not alone. British insurance giant Lloyd’s also offers a stand-alone cyber insurance product that includes cyber, privacy, and social-media risks. Insurance giant Chubb & Son has been insuring cyber-security risks for complex financial institutions since 2001; it launched a cyber-liability insurance solution “for the masses” in 2009 to address the growing risks associated with conducting business electronically, from identity theft to e-business interruption.
“In the past, cybercriminals tended to focus on early adapters of technology, such as financial institutions. Today, nearly every company is at risk of a cyber-security breach: It isn’t a matter of if they will experience a data security breach, but when,” says Tracey Vispoli, a vice president at Chubb.