The Importance of Cyber Liability
As technology becomes increasingly important for successful business operations, the value of a strong cyber liability insurance policy will only continue to grow. The continued rise in the amount of information stored and transferred electronically has resulted in a remarkable increase in the potential exposures facing businesses. In an age where a stolen laptop or hacked account can instantly compromise the personal data of thousands of customers, or an ill-advised post on a social media site can be read by hundreds in a matter of minutes, protecting yourself from cyber liability is just as important as some of the more traditional exposures businesses account for in their general commercial liability policies.
Why Cyber Liability Insurance?
A traditional business liability policy is extremely unlikely to protect against most cyber exposures. Standard commercial policies are written to insure against injury or physical loss and will do little, if anything, to shield you from electronic damages and the associated costs they may incur. Exposures are vast, ranging from the content you put on your website to stored customer data. Awareness of the potential cyber liabilities your company faces is essential to managing risk through proper coverage.
Possible exposures covered by a typical cyber liability policy may include the following:
- Data breaches: Increased government regulations have placed more responsibility on companies to protect clients’ personal information. In the event of a breach, notification of the affected parties is now required by law. This will add to costs that will also include security fixes, identity theft protection for the affected and protection from possible legal action. While companies operating online are at a heightened risk, even companies that don’t transmit personal data over the internet, but still store it in electronic form, could be susceptible to breaches through data lost to unauthorized employee access or hardware theft.
- Intellectual property rights: Your company’s online presence, whether it be through a corporate website, blogs or social media, opens you up to some of the same exposures faced by publishers. This can include libel, copyright or trademark infringement and defamation, among other things.
- Damages to a third-party system: If an email sent from your server has a virus that crashes the system of a customer, or the software your company distributes fails, resulting in a loss for a third party, you could be held liable for the damages.
- System failure: A natural disaster, malicious activity or fire could all cause physical damages that could result in data or code loss. While the physical damages to your system hardware would be covered under your existing business liability policy, data or code loss due to the incident would not be.
- Cyber extortion: Hackers can hijack websites, networks and stored data, denying access to you or your customers. They often demand money to restore your systems to working order. This can cause a temporary loss of revenue plus generate costs associated with paying the hacker’s demands or rebuilding if damage is done.
- Business interruption: If your primary business operations require the use of computer systems, a disaster that cripples your ability to transmit data could cause you, or a third party that depends on your services, to lose potential revenue. From a server failure to a data breach, such an incident can affect your day-to-day operations. Time and resources that normally would have gone elsewhere will need to be directed towards the problem, which could result in further losses. This is especially important as denial of service attacks by hackers have been on the rise. Such attacks block access to certain websites by either rerouting traffic to a different site or overloading an organizations server.
Cyber liability insurance is specifically designed to address the risks that come with using modern technology; risks that other types of business liability coverage simply won’t. The level of coverage your business needs is based on your individual operations and can vary depending on your range of exposure. It is important to work with a broker that can identify your areas of risk so a policy can be tailored to fit your unique situation.
Fraud on the Rise
A recent global fraud and risk report by Kroll, Inc. gives insight into the state of fraud and risk incidents in 2016, during which 82 percent of respondents experienced a fraud incident—up from 75 percent in 2015 and 61 percent in 2012.
Fraud concerns affect not only a company’s bottom line, but also its ability to expand overseas. Over two-thirds of executives say their companies have been deterred from operating in a particular country or region due to fraud concerns.
The Most Common Perpetrators Come From Within
Contrary to the popular belief that security breaches come from external sources, the most common perpetrators of fraud, cyber incidents and security incidents were internal.
- Fraud—Sixty percent of respondents who experienced fraud identified a combination of current employees, former employees and third parties as perpetrators.
- Cyber Incidents—Overall, 44 percent of respondents reported that insiders were to blame for cyber incidents, with 20 percent of the source of risk attributed to former employees.
- Security Incidents—Insiders were the main perpetrators of security incidents at 56 percent, with former employees accounting for 23 percent of security incidents.
Increasingly Complex Threats for Businesses
The evolving nature of incidents reflects a growing challenge for businesses. While every fraud category has seen an increase in incidents between 2015 and 2016, market collusion and misappropriation of company funds realized the greatest increases, at 15 percent and 11 percent, respectively.
While insiders are cited as the main perpetrators of fraud, they are also the most likely to discover it, with 44 percent of respondents reporting that it had been discovered through a whistleblowing program, and 39 percent reporting that it was detected through an internal audit. In fact, over 75 percent of respondents indicated that their companies have adopted employee-focused anti-fraud measures, technical countermeasures and physical security measures.
It is important to remember that no organization is immune to the impact of cybercrime. As a result, cyber liability insurance has become an essential component to any risk management program.
Robertson Insurance & Risk Management
Our vision is to deliver services and engage others in such a way that each and every action demonstrates we care about them, our relationship, and their future well-being. Our purpose is to help you create a business risk program that not only meets your needs today, but in the future as well. If you are in business, our goal is to keep you in business. Protecting what you have worked so hard to build is our passion. Contact us today for your consultation 717-625-3770.