The internet represents a fantastic opportunity for businesses to reach out to consumers. Websites and social media bring two way communication to a whole new level. And technological advancements let businesses give their consumers access to their own files with the ability to do more for themselves. With great advancements in information technology and computers come great advancements of hacking and fraud, which can also result in cyber-attacks and where the risk is a Privacy Breach.
What is a Privacy Breach?
It is a loss or theft or accidental publishing of personal information of either your staff or your customers. There are many examples of companies experiencing a privacy breach: Sony, Home Depot, Target, The Bay. Recently, the Marriott chain of hotels suffered a severe data breach with the exposure of up to 500 million guests. Most often breaches happen when sensitive documents are lost, unsecured laptops go missing, un-encrypted databases online are hacked, portable hard-drives get stolen, or through employee error. There’s not a business today which does not have some cyber risk or the possibility of a privacy breach. If your business deals with sensitive client information privacy breach insurance is a must.
The Numbers Tell the Tale
According to the 2018 Cost of a Data Breach Canada study from the Ponemon Institute, a research company devoted to privacy and security issues, the average cost per compromised record in Canada in 2017 was $202 for a data breach. Imagine your company’s 10,000 customers’ data is stolen. The potential of a $2 million settlement charged against your company should cause fear. Perhaps your clientele is smaller and you have 1,000 clients. That’s still over $200,000 in costs.
In fact, the average total cost of a data breach in Canada is $4.74 million with the average size of data breaches being 22,275 individual records.
Update Your Cyber Security on a Constant Basis
Most companies have websites therefore things like malicious code, denial of service or web-based attacks can be a problem. This is especially true if a company gets most of its new business from online leads or sales. Retail companies collect a lot of customer data such as credit cards and addresses are highly prized targets in the hacking world.
What Can You Do to Protect Your Client Data?
Here are some ideas to lessen the potential of Cyber Risk to your company:
- Secure and restrict access to data in the first place. Not everyone needs access to your company’s information. Whether in hard (paper) or soft (electronic) copy form have that information available only to those who need to know.
- Password protection and encryption especially for all sensitive information. There are many technologies available to encrypt your information.
- Secure remote access. Today many business allow their employees to log into the office remotely. This means those connections can be vulnerable. Make sure you use passwords and if the data is particularly sensitive, such as medical files or payment information, then consider using a Virtual Private Network (VPN).
- Anti-virus, anti-spyware software. Run all your computer systems through enterprise-level anti-spyware/virus software. Also ensure that you have adequate firewalls in place to control access to the internet from within your organization.
- Update software regularly. Software changes happen rapidly. Your computer systems might have the best anti-virus software available, but it’s only as current as its last update. Every day new malware programs are created, which means your protective programs must be current. This will help to maintain the integrity of your data and network.
What can privacy breach insurance or cyber security insurance do for your company?
There’s lots to consider when looking at cyber risks. A lot of insurance companies offer consulting before a breach occurs. This is to help businesses understand and set up their response strategy in the event of a privacy breach. Things like incident response planning, notification letters, agency and government contact information.
Here are a few Coverages You Should Consider for Your Cyber Liability Insurance:
- Coverage for theft, loss or unauthorized disclosure of private client data
- Network security coverage – which includes coverage for data theft, malicious code, denial of service attacks and unauthorized access
- Funds for notification costs and fees charged by legal counsel
- Coverage for cyber extortion or cyber-ransom as a result of a breach to your network
- Coverage for the costs of a credit monitoring program as a result of a breach of your data
- Advertising and Multimedia coverage – for libel, slander, product disparagement and more
- Coverage for loss as a result of corruption, deletion of your data caused by a breach of your network
- Options for crisis management expenses
- Business interruption due to a network breach
- Many more options
Cyber Threats are Now a Corporate Board Issue
A company board that is lax about the privacy responsibilities it has to its clients will soon find itself in deep trouble. Canada’s privacy laws changed on Nov 1, 2018. Now there is mandatory notification required for all data breaches. With this legal requirement privacy security is fast becoming a board issue, requiring board action.
Being prepared with crisis-management plans is the first step, but having insurance coverage for data breach or cyber risk is the second.
Would you like a second opinion on your Cyber Insurance? Visit us here. Are you a small contractor and require a cyber insurance policy? Consider Lackner McLennan Insurance Ltd.’s speciality contractor cyber insurance policy.
Think you need another view of your commercial insurance? Visit here.
We’d love to read your comments. You can leave them below.
Thanks for reading.
Disclaimer
Lackner McLennan and Erb and Erb create these informational articles with the intention of educating the public about insurance and investment related matters. This article does not substitute for broker advice regarding your specific insurance or investment needs. For a comprehensive strategy to tackle what you, your family, or your business, may need we invite you to speak directly to a broker who can guide you through all the options available to you.