This guest post on cyber attacks is written by Michael Rogers, the Operations Director of USInsuranceAgents.com. Cyber attacks are increasing. In fact, the protection of an organization’s data and other computerized assets has become as or even more important than protecting its physical assets.In many cases, the growing emphasis on automating everything from data collection and processing to inventory control can see a data breach or an unexpected malware infection bring the organization’s operations to a shuddering halt.
Even worse, such events can expose the organization to massive liability from both government agencies and any private customers who may have found their data exposed by the event. For example, a health care provider who suffers a data breach could face lawsuits from its private customers while also facing state and federal penalties due to the violation of the Health Insurance Portability and Accountability Act (HIPAA).
For this reason, companies must understand what kind of attacks can occur, how to lower the risk of cyber attacks occurring, and how to protect against the results of cyber attacks by adding cyber liability insurance to companies’ risk-management plans.
Understand cyber attacks
Because computers, mobile phones, and tablets have become so central to today’s business world, data breaches or the installation of malware onto a company’s IT system can spell disaster. The most common types of data breaches or online assaults include:
- Password compromise. Unauthorized access due to compromised passwords on the part of company employees. This issue is often made worse by using the same password for multiple accounts or leaving lists of passwords in an unsecured place.
- Theft. The loss of physical data storage mediums, such as laptops, hard drives and USB sticks.
- Denial of Service attacks. Loss of Internet connectivity due to distributed denial-of-service (DDoS) attacks, often using thousands of compromised computer systems.
- Phishing attacks. In a phishing attack, employees or clients are tricked into giving their passwords and other information to a criminal masquerading as a legitimate member of the company.
- Ransomware attacks. In a ransomware attack, the company’s information is encrypted by criminals, with the responsible parties refusing to decrypt it until they are paid a ransom. In many cases, even after paying the ransom the data will not be decrypted and the responsible party will almost always distribute the data to other criminal groups.
Prevent losses due to cyber risks
The best way to prevent financial and reputation losses due to data breaches and other cyber attacks is to take measures to defeat such attacks before they occur. In fact, much of the pain from data breaches and malware attacks can be prevented with sufficient forethought on the part of the victimized company.
Some of the most effective measures for preventing losses from cyber attacks include the following:
- Maintain an effective password policy. The business must ensure that its employees only use passwords that are difficult to discover. Many data breaches are due to employees who use the names of family members, their birthday or other such easily discovered passwords.
- Use secure systems for online collaborations. For example, Glance's co-browsing technology allows remote collaboration with employees and clients without allowing unauthorized third-party access to the company network. In addition, Glance visual engagement solutions offer role-based permissions, field masking and SAML/SSO integration.
- Maintain regular backups with a reputable off-site service and make regular physical copies of the company’s data that are stored at a secure location. In addition to protecting the company from a cyber attack, this will help avoid the loss of data in the case of a natural disaster or terrorist attack.
Invest in cyber liability insurance
No matter what measures are put in place, a company must accept that there is a risk of a successful data breach or other attack against its IT infrastructure. This can lead to massive losses due to lost business, lawsuits from angry clients and possible federal and state fines. Most importantly, the company may suffer long-term reputational loss, resulting in decreased earning potential for some time to come.
A proper cyber liability insurance policy can cover the following areas:
- Losses due to physical or software damage from an attack.
- Losses due to ongoing business disruptions, such as from a DDoS attack.
- The cost of rebuilding a company’s database.
- Costs associated with notifying any customers or associated businesses of the data breach and possible loss of their private information.
- “Third-party losses,” where the policy protects the company’s clients from direct or indirect financial losses due to the cyber attack.
It is important to note the obtaining cyber liability insurance will require that your company to show that it is serious about maintaining effective IT security procedures. In fact, many cyber liability policies will not cover losses that were caused by avoidable negligence on the part of a company.
In addition, cyber liability policies will not cover losses due to long-term damage to the company’s reputation. For this reason, cyber liability insurance is not a replacement for an effective IT security policy.
In today’s world, companies must treat their IT security as seriously as they treat the security of their physical facilities. When combined with a robust IT security plan, cyber liability insurance can help ensure that a data breach or malware attack does not turn into a disaster for the company’s long-term viability.
About Michael Rogers
Michael Rogers is the Operations Director of USInsuranceAgents.com. With over 5 years of experience and knowledge in the insurance industry, Michael contributes his level of expertise as a leader and an agent to educate and secure coverage for thousands of clients.
About Glance Networks
Glance empowers companies to make doing business online easier and more personal through tightly integrated yet modular visual engagement solutions such as cobrowse, screen share, agent video, and more. Glance has out-of-the-box integrations with Salesforce.com, SAP, LiveOps, Zendesk, and other solutions. In addition, our offerings integrate with a broad range of customer-facing platforms and tools to quickly provide a connection that is secure and always works. Learn More>>>Return to Blog Home