Why do you need Cyber Liability Insurance – Data Breach Insurance ?
In the insurance industry the is an increasing concern brewing regarding Cyber Liability Insurance and Data Breach Insurance Coverage, it is typical when this happens, that the reason is that there is an increasing need for the coverage and more importantly an increased frequency of claims.
What is Cyber Liability Insurance or Data Breach Insurance?
With the explosion of the use of computers, the internet, database use, implementation of mobile devices and remote employees there has become an increased exposure of information being much more accessible than it was in days past when they were safely stored on paper in an office. For the sake of convenience, now, in the computer era client data is now being stored digitally to make it more accessible to employees, more portable for computer systems and simpler to gather and collect. With this the possibility of this information being lost, compromised or stolen has also increased. Claims can stem from lost computers, hacked emails, hacked websites or website databases being scraped from websites.
So the question arises, as a business owner, are you at risk of a Cyber Liability Claim or a Data Breach , and if so what are the financial ramifications?
The answer is simple, you are legally responsible and have a fiduciary responsibility in the event that your clients data is breached.
A recent study, says human errors and system problems caused about two-thirds of data breaches, and that contributed to the worldwide increase in costs.1 The study estimated the breach cost per record in the United States averaged $194 in 2011 and $188 in 2012. At this rate of you are a small store, hotel, fitness center, insurance agency, real estate agency with a client base of 200, a lost laptop, data breach or cyber liability attack could end up costing you upwards of $40,000 to mitigate.
Additionally, breaches cost more if a third-party error caused the breach or if a lost or stolen device triggered a breach notification. In addition, being too quick to announce a breach can make it more costly, not less, the Ponemon study found.2
The 2013 analysis found that social tactics were broadly tied to most breaches. Attackers use a phishing email containing either a malicious link or a dangerous file attachment. Weak or stolen passwords were used in 76 percent of breaches analyzed by Verizon.
Malware was tied to 40 percent of all breaches, Verizon found. Direct installation of malware by an attacker already on a system is the most common attack vector, accounting for 74 percent of all breaches, Verizon said. Malware distributed via email accounted for 47 percent of all breaches, according to the analysis. A malicious email attachment was used in many espionage breaches. Drive-by downloads accounted for only 8 percent of breaches.
Some form of hacking took place in 52 percent of breaches analyzed by Verizon. Attackers often used a backdoor to gain remote access onto a victim’s system. In some cases, attackers used SQL injection, a common Web application vulnerability to gain access to a website and its underlying database servers. Malware and hacking still rank as the most common actions, but they were scaled back rather significantly among 2012 breaches, with social methods increasing, Verizon said.
Verizon said executives and managers make a sweet target for cybercriminals using spearphishing attacks. Executives and managers typically have access to proprietary data. Email is the most common vector of social attacks, and Verizon said executives and managers may be more susceptible to opening a .pdf or .ppt document.
Phishing was used in 22 percent of the breaches Verizon analyzed. Phishing jumped bribery and manipulation to become the most widely used social tactic, Verizon said. Phishing was used in more than 95 percent of targeted attacks. Cybercriminals used the technique against small and large organizations. A study conducted by Herndon, Va.-based ThreatSim, a phishing defense firm, found that just three phishing emails gives an attacker a better-than-50-percent chance of getting at least one click. Sending 10 phishing emails almost guarantees an employee will click on a phishing link.3
The chart below shows the average total organizational cost of a data breach for the top 9 countries across those studied. As you can see the average cost of a cyber liability – data breach was almost $5.5 Million dollars
As stated above, the average cost per record lost was almost $200.00, the chart below indicates that in the Unites States of America, the average number of records breached in was well over 34,000 records per breach.
Below is the per capita cost by industry classification, for financial institutions, pharmaceuticals and healthcare, the cost per record breached was in excess of a staggering $200 per record, with transportation, communications, services, technology, research, energy, hospitality, consumer goods & retail, education, media and industrial sectors all over $100 per record.
If you need more information or a free quote for cyber liability and data breach security insurance coverages , please click the button to the right. Cyber Liability and Data Breach Insurance quotes are quick and free.
1 http://www.bankinfosecurity.com/interviews/data-breach-i-1953
2 http://www.eweek.com/security/strong-security-management-helps-control-data-breach-costs-study
3 http://www.crn.com/slide-shows/security/240153446/verizon-analysis-top-10-causes-behind-data-breaches.htm