Business insurance is a boring but necessary element to any business. Yet knowing there have been more than half a billion data breaches in the past nine years, business owners may want to take notice. That number is no joke. The Identity Theft Resource Center reports 630,432,294 individual names, plus personally identifiable information, have been put at risk between 2005 and May 2014. Last year alone, Facebook, Twitter, Apple, Microsoft, Evernote, Vodafone, Adobe, Nordstrom and Target all reported security breaches, including credit card skimmers, stolen financial records and malicious software.
Even small business owners are at risk. In 2012, 31 percent of cases investigated were from organizations with fewer than 100 employees. Privacy and security risks are generally excluded from general business liability policies. To protect your business, it is extremely important to have a risk management plan in place to keep client records safe from inside and outside intrusions. Even with the most sophisticated data management plan in place, every business is a target. For this reason, cyber liability coverage can help guard a business from exposures, including security breaches, mistakes and unauthorized employee acts, virus attacks, hacking, identity theft or private information loss and infringing or disparaging content.
Cyber liability policies provide businesses protection to both first-party and third-party exposures arising from Internet communications, e-business, networks and informational assets. First-party exposures include a company’s liability for holding private customer information, such as credit cards, Social Security numbers and medical history. Third-party risks extend to a company’s clients who enter their personal information on the company’s website.
As an example, medical records are one of the most popular targets for criminals, because there is a substantial profit that can be made on the black market, as well as the difficulty in prosecuting the perpetrators. One study has shown patient record breaches soared 137.7 percent from 2012 to 2013, indicating cyber liability coverage is crucial. Other risks for businesses include the introduction of a virus to a client’s system, inadvertent release of confidential information, theft of intellectual property and faulty web design.
Cyber liability policies are continuously evolving as the business world’s dependence on the Internet and information infrastructures increases. Generally, the policies cover a wide range of risk areas because one email virus can set off a chain reaction and disrupt business for several days. Not only do cyber liability policies cover the cost of compromised data, they can also provide for the cost of data recovery after an information technology disaster. Ponemon Institute’s 2013 Cost of Data Breach Study reports the average cost for a data breach in the United States is $188 per record.
Cyber liability policies work in concert with other business insurance policies by minimizing overall business risk. Many small- and mid-sized businesses are underinsured in this area, as many business owners are unaware of the risks involved. Policy costs are generally based on the revenue of the business and the extent of the business’s risk exposure.
William G. Lako Jr., CFP, is an executive in residence at Kennesaw State University’s Coles College of Business and a principal at Henssler Financial. Lako is a certified financial planner.The Marietta Daily Journal will periodically publish columns from KSU business faculty.