Business owners should consider risk of cyber attacks

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.macon.com/2015/01/27/3554742_business-owners-should-consider.html?rh=1

If you have a business and collect customer information and store it
electronically, are you at risk for a cyber attack? Does your current
insurance policy cover such a breach and the consequential costs?

Unfortunately this might be the biggest risk you face as a business owner
in the future.

Most of us have seen the headlines of the Target, Sony and Chick-fil-A data
breaches. These incidents can be very costly to the companies and can
result in a class action lawsuit. The potential settlement costs and the
cost to just defend such a suit can be significant.

The first thing to determine is if you are at risk for a cyber attack.
According to insurance journals, the types of businesses most at risk are
retail businesses and health care businesses because they have accumulated
and stored the most personal information on their clients. How secure is
this information for your business?

I certainly do not mean to push the panic button for businesses here in
Middle Georgia, but you need to consider cost versus risk for your business
just like you do other coverage.

Some key initial steps to take are:

• Know exactly where your data resides and be sure you know where your
vendor may be sending it.

• Contracts with vendors should have indemnity language included, which
means the vendor holds the organization harmless for breaches of data being
held.

• Demand proof of insurance coverage that will cover both the vendor and
the organization in the event of a breach.

Most states have enacted data breach notification laws requiring affected
businesses to notify customers that their personal information has been
lost or stolen.

Cyber or data compromise coverage includes response expenses, notification
to affected individuals, and if there is a covered loss, it covers defense
and liability coverage in the event the affected individuals sue the
business. It also covers expense reimbursement and case management services
for key individuals within the insured business.

If you think your business may be at risk, the first step is to call your
insurance agent or company to review your exposure. The cost of this
coverage varies. Typical limits within a liability policy are $50,000.
Limits of up to $1 million are available from most companies. How much is
right for your business depends on how many customer records are stored.
Just be sure you are getting first party and third party coverage under one
policy. The cost of a data breach can be up to $100 per affected customer.

As a business owner, it probably took awhile to establish a reputation with
your customers. You do not want to lose it with a data breach. But like
anything else, this is an additional expense to the business. The decision
to buy is always up to the business owner.


Read more here:
http://www.macon.com/2015/01/27/3554742_business-owners-should-consider.html?rh=1#storylink=cpy

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!