subject: Cyber Liability Becoming More And More Common [print this page] According to Verizons 2011 Data Breach Investigations Report, since 2008 more than 500 million data records from U.S. businesses and organizations of all types and sizes have been compromised. This includes data containing customers private information and even companies financials. The average cost of a data breach in 2010 was $7.2 million for larger corporations and just under $200,000 for small- to medium-sized organizations. With these kinds of stats, there has been a rise in the purchase of cyber liability insurance.
Cyber attacks aimed at businesses both big and small
Major companies have all been recent targets of cyber-attacks, but the same Verizon study indicates hackers have shifted their efforts to small, and mid-sized businesses, because of conceived easy accessibility and potential for high profit.
Cyber-breach scenarios, such as third-party attacks on a company, are numerous and varied, but certainly growing in frequency and severity. A hacker may gain access to a companys network where sensitive client information is stored and is then able to make fraudulent fund transfers, or capture the information to sell it for identity theft purposes.
But first-party breaches can not be ignored either. A prime example is a trustworthy employee takes her laptop home and has it stolen out of her car, or she inadvertently publishes private client information on the company website. She may merely open an email containing a Trojan virus infecting the companys network. These scenarios can, and have, happened and normal commercial general liability policies do not cover data breaches.
Network breaches will likely result in costly business interruption
Even companies who use service providers must not rely on their providers insurance policy in the case of a cyber-breach claim, given that the company breached would still be liable for the damage done. Therefore, any company who relies on electronic storage of clients private data must fully appreciate and understand the types of expenses and liabilities it would face with the breach of its computer network. A comprehensive cyber liability policy must be able to cover and protect the company from an array of third- and first-party breach liability exposures.
The company will likely also have to hire cyber security professionals to conduct forensic analysis, determine the cause of the breach, and begin the clean up and reparation process of the affected network. While the company is in this process, business as usual is, of course, interrupted. An adequate cyber liability policy should reimburse notification and forensic costs as well as restoration and business interruption costs, meaning what net profits would have been made during notification and cleanup time had there not been a breach.
Todays technology provides great opportunities in the business world, but at the same time these advances also open up businesses to a whole new set of liability exposures.
by: William A. Riggs
welcome to Insurances.net (https://www.insurances.net)
