BreachExchange mailing list archives
Business owners should consider risk of cyber attacks
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 28 Jan 2015 19:40:57 -0700
http://www.macon.com/2015/01/27/3554742_business-owners-should-consider.html?rh=1 If you have a business and collect customer information and store it electronically, are you at risk for a cyber attack? Does your current insurance policy cover such a breach and the consequential costs? Unfortunately this might be the biggest risk you face as a business owner in the future. Most of us have seen the headlines of the Target, Sony and Chick-fil-A data breaches. These incidents can be very costly to the companies and can result in a class action lawsuit. The potential settlement costs and the cost to just defend such a suit can be significant. The first thing to determine is if you are at risk for a cyber attack. According to insurance journals, the types of businesses most at risk are retail businesses and health care businesses because they have accumulated and stored the most personal information on their clients. How secure is this information for your business? I certainly do not mean to push the panic button for businesses here in Middle Georgia, but you need to consider cost versus risk for your business just like you do other coverage. Some key initial steps to take are: • Know exactly where your data resides and be sure you know where your vendor may be sending it. • Contracts with vendors should have indemnity language included, which means the vendor holds the organization harmless for breaches of data being held. • Demand proof of insurance coverage that will cover both the vendor and the organization in the event of a breach. Most states have enacted data breach notification laws requiring affected businesses to notify customers that their personal information has been lost or stolen. Cyber or data compromise coverage includes response expenses, notification to affected individuals, and if there is a covered loss, it covers defense and liability coverage in the event the affected individuals sue the business. It also covers expense reimbursement and case management services for key individuals within the insured business. If you think your business may be at risk, the first step is to call your insurance agent or company to review your exposure. The cost of this coverage varies. Typical limits within a liability policy are $50,000. Limits of up to $1 million are available from most companies. How much is right for your business depends on how many customer records are stored. Just be sure you are getting first party and third party coverage under one policy. The cost of a data breach can be up to $100 per affected customer. As a business owner, it probably took awhile to establish a reputation with your customers. You do not want to lose it with a data breach. But like anything else, this is an additional expense to the business. The decision to buy is always up to the business owner. Read more here: http://www.macon.com/2015/01/27/3554742_business-owners-should-consider.html?rh=1#storylink=cpy
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- Business owners should consider risk of cyber attacks Audrey McNeil (Jan 30)