BreachExchange mailing list archives
More Midsize Businesses Purchasing Cybersecurity Insurance Policies
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Fri, 24 Oct 2014 12:56:35 -0600
http://midsizeinsider.com/en-us/article/more-midsize-businesses-purchasing-cyber#.VEmFa_nF-So A data breach can be extremely damaging to a midsize business, with resulting costs potentially in the hundreds of thousands — if not millions — of dollars, depending on how many records are compromised. It is an expense that many midsize businesses cannot afford, forcing many to close after an attack. With the number of data breaches increasing each year and the frequency of attacks targeting midsize businesses on the rise, it is not surprising that more and more companies are turning to cybersecurity insurance policies. Under Attack The Washington Post reports that more than 3,000 American businesses were victims of hackers over the past year, and many of them were small and midsize firms. There are also data risks from lost or stolen mobile devices, or from disgruntled insiders who can cause network damage or leak sensitive information. Greater Sophistication Cybersecurity insurance policies have been around for two decades, but they have been evolving to meet the ever-changing needs of cybersecurity. Originally, these policies pertained to things like protecting websites and liabilities involving e-commerce. Today, cybersecurity insurance is a billion-dollar industry and growing. "As protective technology becomes more sophisticated, hackers' methods are following suit. Unlike tornadoes and earthquakes, where risks can be calculated, experts say there's little experience on when — and how — cyberattacks will hit," the Washington Post states. Why the Need Cybersecurity insurance policies not only help save the midsize business after a data breach, but they also protect the IT department. Cybersecurity is now so complicated that IT needs all the support it can get, and it cannot be assumed that IT staff can successfully manage every potential security issue. Even large corporations that have the financial resources to invest in security professionals and multiple layers of security applications and systems cannot handle it on their own, let alone midsize businesses that do not have trained security professionals on staff and who are asking a small IT staff to handle security on top of their day-to-day duties. Cyberattacks are not covered under other types of insurance policies, so having an insurance policy that specifically protects business interests in case of a security breakdown is the only way to guarantee the situation is covered. Too often, a midsize business's interest in purchasing insurance arises too late, coming after the breach has already occurred. Instead, cybersecurity insurance should be part of the overall cybersecurity plan, an added layer that provides financial protection to keep the company running smoothly after an attack.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- More Midsize Businesses Purchasing Cybersecurity Insurance Policies Audrey McNeil (Nov 03)