The Internet age has spawned a new type of criminal, hackers that can introduce viruses, malware or conduct simple theft. If you think it can’t happen to your company, guess again.
On Oct. 22, South Carolina’s Department of Revenue reported that as many as 3.6 million Social Security numbers and 387,000 credit and debit card numbers might have been exposed to a hacker in several recent cyber attacks that assaulted the department.
In September, U.S. Bank, PNC Financial Services Group Inc., Wells Fargo, JPMorgan Chase and Bank of America all reported that cyber attacks were attempted.
Regardless of a company’s size, the threat of a virus or hacking is a very real one. One virus could make all your data inaccessible and one breach could release millions of pieces of valuable information about your clients.
That’s why most insurance companies have started to offer cyber insurance or, in some specific cases, cyber-liability insurance. The response, however, has been tepid at best.
“You would think that there would be a big demand for it but it hasn’t really taken off,” said Brian Hunter, president of Hunter Insurance of Lincoln. “What’s happening is that a lot of these insurance companies, under their business-owner’s policies, are offering an endorsement where you can buy some limited-liability insurance coverage for it, as opposed to a separate policy that is a little more inclusive.”
Hunter said he offers two types of insurance; a first-party protection that protects the company’s computers from hacking and helps finance breach assessment and protection, and a second offers third-party protection should data such as Social Security numbers be hacked. If sensitive personal information becomes breached, the company has protection should a lawsuit be filed.
“It’s been a really hot topic over the last two or three years and that’s when some companies started offering special programs,” he said. “I find that most companies are not aware of it or they’re winging it, hoping it won’t happen to them,” he said.
“If your company works on the Internet they need it,” he continued. “They should at least … get a quote, and then come to a decision as to if they need it or not.”
The ramifications of a breach are significant. According to the 2011 Cost of Data Breach Study: United States, written by Symantec of Mountain View, Calif., and the Ponemon Institute of Traverse City, Mich., the average cost of a data breach was $5.5 million in 2011, down from $7.2 million in 2010. Symantic is a computer-security company and the Ponemon Institute is a research center dedicated to privacy, data protection and information-security policy.