The security leaks and information provided by Edward Snowden brought the entire subject of cyber security and privacy to the public’s attention. Who is listening to us or monitoring our communications? Unfortunately, it is not just the National Security Agency. Cyber thieves and hackers are doing more than listening, as we have recently seen with the data breaches of at least two major retailers and the possibility of others still looming. Hackers are stealing data, and that theft threatens both personal finances and the national economy. A recent study by the Ponemon Institute of nearly 5000 Information Technology and IT security professionals from the U.S., U.K., France, Germany, Japan, China, India, Australia and Brazil revealed that 60% of companies had a network security breach in 2012 and that 34% of those companies had experienced more than one breach.
State and federal legislation specifies what any holder of key data must do in response to a breach. These laws often involve personal information such as Social Security, driver’s license or state identification card numbers, even tribal identification numbers and account numbers or credit and debit card numbers, in combination with any required security codes, access codes, or passwords that would permit access to someone’s individual’s financial accounts.
Commercial risk insurance policies for cyber breaches continue to evolve as the standard commercial liability policy may not cover a data breach or cyber loss. It is neither bodily injury nor property damage. Cyber policies provide coverage that assist with the cost of addressing the mechanics of a data breach and also help a business with the significant costs of compliance with notification requirements. “Cyber breaches have become among the largest, most costly exposures for companies of any size, with sensitive proprietary and customer information data stored on mobile and desktop devices and networks at greater risk than ever,” reported the National Underwriter Company’s Property Casualty 360 in August, 2013. “The cyber insurance-related sales opportunity for brokers and carriers is massive, as breaches can cost even the smallest clients millions when – not if – data is compromised.”
“How costly?” the article asks, then answers: “NetDiligence’s 2012 Cyber Claims Study found the average cost per breach was $3.7 million, compared to $2.4 million the prior year. These figures include dollars spent for legal defense, counsel and settlement, forensic investigations, notification of customers, call center staffing and credit monitoring.” Cyber breach insurance includes three areas of coverage, including liability defense and settlement arising out of an insured’s failure to protect private data, remediation, including investigation public relations and customer identification and notification, and fines or penalties imposed on the insured for allowing a breach.
Handling a cyber-breach claim requires savvy adjusting skills. These skills and more are taught in Crawford Educational Services classes or online at Knowledge Management Center (KMC) on Demand courses.
This article comes from Take Note, the newsletter of Crawford Educational Services. You can subscribe here.