In late 2013, Target, the large American retailer, was the victim of a massive data breach that affected as many as 110 million customers. Cyber attackers installed malicious software on point-of-sale devices at Target stores and were able to steal the financial information of 40 million customers and the personal information of 70 million.
From lawsuits and fines to the costs of offering free credit monitoring and hiring a computer forensics investigator, this breach is massive not only in terms of how many customers it’s affected, but also in terms of how much of a financial hit it will take on Target. Target’s cyber insurance policy will cover some of the monetary damages, but the damage to its reputation and customer loyalty will not be easy to recover.
No business is immune to a data breach—not even a nationwide retailer like Target. But your business can survive a data breach if you are prepared to handle it and if you have the proper cyber liability coverage to help you successfully respond to it.
Why Cyber Liability Insurance?
A traditional business liability policy is extremely unlikely to protect against most cyber exposures. Standard commercial policies are written to insure against injury or physical loss and will do little, if anything, to shield you from electronic damages and the associated costs they may incur. Exposures are vast, ranging from the content you put on your website to stored customer data. Awareness of the potential cyber liabilities your company faces is essential to managing risk through proper coverage.
Possible exposures covered by a typical cyber liability policy may include:
· Data breaches – Increased government regulations have placed more responsibility on companies to protect clients’ personal information. In the event of a breach, notification of the affected parties is now required by law. This will add to costs that will also include security fixes, identity theft protection for the affected and protection from possible legal action. While companies operating online are at a heightened risk, even companies that don’t transmit personal data over the internet, but still store it in electronic form, could be susceptible to breaches through data lost to unauthorized employee access or hardware theft.
· Intellectual property rights – Your company’s online presence, whether it be through a corporate website, blogs or social media, opens you up to some of the same exposures faced by publishers. This can include libel, copyright or trademark infringement and defamation, among other things.
· Damages to a third-party system – If an email sent from your server has a virus that crashes the system of a customer, or the software your company distributes fails, resulting in a loss for a third party, you could be held liable for the damages.
· System failure – A natural disaster, malicious activity or fire could all cause physical damages that could result in data or code loss. While the physical damages to your system hardware would be covered under you existing business liability policy, data or code loss due to the incident would not be.
· Cyber extortion – Hackers can hijack websites, networks and stored data, denying access to you or your customers. They often demand money to restore your systems to working order. This can cause a temporary loss of revenue plus generate costs associated with paying the hacker’s demands or rebuilding if damage is done.
· Business interruption – If your primary business operations require the use of computer systems, a disaster that cripples your ability to transmit data could cause you, or a third party that depends on your services, to lose potential revenue. From a server failure to a data breach, such an incident can affect your day-to-day operations. Time and resources that normally would have gone elsewhere will need to be directed towards the problem, which could result in further losses. This is especially important as denial of service attacks by hackers have been on the rise. Such attacks block access to certain websites by either rerouting traffic to a different site or overloading an organizations server.
In an article released by Insurance Journal, it has been said that the massive blow of the data breach has been softened by Target’s Cyber Liability Insurance. “Target said of the $61 million in expenses related to the breach during the quarter, $44 million were offset by an insurance payment, bringing the impact to $17 million.”
AssureSouth, Your Coverage Expert
As reliance on technology continues to increase, new exposures continue to emerge. As your business grows, make sure your cyber liability coverage grows with it. AssureSouth is here to help you analyze your needs and make the right coverage decisions to protect your operations from unnecessary risk.