When it comes to a data security breach or privacy loss, it isn’t a matter of if it will happen as when it will happen. So when it does happen, you’ll need comprehensive protection to handle cyber risks.
We are all seeing the growing media attention and global events surrounding Social Media (Facebook Security) , Internet Theft and Cyber & Privacy Protection, I thought perhaps I would advise some of the stats on Cyber Crime we are seeing. I think that you will agree with me that the below is quite alarming.
Were you aware that more than 20% of Australian organisations experienced cybercrime in 20121 and 40% of all attacks were directed at Small/Medium Enterprises2?!
Some of the problems we are seeing are:
- Data Protection
(account details, payroll and staff info, email and backup details etc) - Theft of Money / IP
- Lost income
- Privacy (of your information and your client/customer information)
- Copyright
- Defamation
Are we ready for the increased exposures of running a business??
Many small businesses are perfect targets for cyber-attacks because they lack sophisticated security to protect trade secrets and customer data. In most instances (in the claims scenarios below), the business did have security firewalls and contracted their IT Services out to a 3rd party IT contractor – However the Professional Indemnity claims to the 3rdparty IT professional often taking many months of court dates and still not covering the:
- Ransom demanded by the Cyber thief
- Customer and market confidence in your business
- Collecting and protecting the stolen data or information (eg client/customer records)
- The immediate loss of business income $$ not being able to trade
These new exposures can be covered by Insurance, via a Cyber Crime / Cyber Security Policy.
I have listed a few Claims Scenarios below for a Cyber Policy:
Scenario one: |
|
Profile:
|
Travel agency with four locations, $10M turnover and 30 staff
|
Background:
|
The Insured experienced three separate data breaches over a three-year period in which hackers gained access to the Company’s computer system. Over 250,000 individuals’ credit card information and passport details were compromised
|
Policy Response:
|
Privacy Protection, Breach Costs Privacy (of your information and your client/customer information)
|
Outcome:
|
$1,750,000 paid for the forensic and legal costs in defending the investigation brought by the regulator and the cost of notifying the affected individuals including providing credit monitoring services.
|
Scenario two: |
|
Profile:
|
Medical Surgery (local to the Gold Coast)
|
Link to the local news article:
|
Scenario three: |
|
Profile:
|
Law firm with turnover of $2M and 8 staff
|
Background:
|
The Insured’s server and client records were locked by Ransomware software. The Insured was only able to get the files released after paying a ransom of $50,000 to hackers.
|
Policy Response:
|
Cyber Business Interruption, Cyber Extortion, Hacker Damage (all covered by a Cyber Liability/Crime Policy)
|
Outcome:
|
$150,000 paid for the loss of income, the random demand including consultants costs to advise on handling and negotiation of the ransom, and costs to restore the network as the hackers refused to release the files despite random payment.
|
Estimate Your Risk Exposure
Since 2005, The Ponemon Institute has examined the cost incurred by organizations, across industry sectors, after experiencing a data breach. The results were not hypothetical responses.
They represent cost estimates for activities resulting from actual data loss incidents. Based on trend data they have been gathering since 2005, they have created a calculator that will estimate how much a data breach could cost your organisation.
It can estimate:
- The likelihood that your company will experience a data breach in the next 12 months.
- The cost per record in the event of a data breach at your Company.
- The cost of a data breach at your company.
Having the above cover is becoming increasingly more important each day. Should you wish to be covered for Cyber Liability/Cyber Crime, we are only too happy to arrange Quotations and Policies.