Gulfshore Insurance > Gulfshore Blog > Commercial Risk Management > Cyber Risk Landscape: What is it? Who is Targeted?

Since 2010, over 2,400 cyber-attacks have been reported in the United States exposing 382 million private records. 2013 was one of the worst recorded years for cybersecurity and 2014 is on track to surpass it; the overpowering number of attacks has increased momentum among insurance providers and legislators to produce more substantial safety measures.

Recent attacks affected well-known organizations such as JPMorgan, Target, eBay, NATO, Adobe, Neiman Marcus, and many more. In April 2014 many companies were affected by the Heartbleed Bug, though only a fraction reported lost records until this month when it was reported that Community Health Systems suffered a breach that may have affected as many as 4.5 million patients.

For the first time ever, cybercrime has moved into the top 10 global business risks. According to a recent study that analyzed published data, business organizations accounted for 84% of records exposed by cyber-attacks, followed by medical and healthcare organizations at 9.6%.

cyber breach percentages of business

The Ponemon Institute conducted a study of 314 companies across 10 countries and found that U.S. companies suffer from the highest total average cost for data breach – $5.85 Million in 2014. Additionally, U.S. companies also have the largest number of exposed records, each costing nearly $246 per exposed record. This study also found that the most common reason for data breach was criminal activity, followed by human error and system glitch.

Cybersecurity main causes graph

Nearly 2 million corporate cyber-attacks occur every week according to the Ponemon Institute; companies of all sizes should gauge their risks considering the new requirements for proactive security measures and notification of clients. Below are steps that your company should consider taking for information protection:

  1. Review your existing information protection policies and procedures.
    • Policies should reflect your company’s actual practices, and not just what they would do in an ideal situation. Consistency is important if a security breach requires litigation.
  2. Encrypt Personal Information – Especially Mobile Devices
    • Encryption disguises information using sophisticated mathematical formulas, and data is only available to be read by a user with the correct password.
  3.  Develop a response plan for a possible data breach.
    • Keep in mind it may not only be from a malicious attack, it could also be human error or a system glitch. Having a plan in place could help mitigate risk.
  4. Obtain cyber liability insurance
    • Talk to a trusted insurance advisor about the potential risk of a data breach and how it may financially impact your business.

Creating a robust cyber security plan to protect your client’s data may be a good start but is it enough? Because our society is so reliant on data and mobility the cyber space is extremely dynamic, to ensure you are protected from a major threat talk with your trusted insurance agent about acquiring cyber liability protection. Simply answer as few as 5 questions to uncover your cyber protection needs. Cyber liability covers costs for items such as investigating breaches and repairing networks, compensating credit card issuers for fraudulent activity, fighting lawsuits and responding to regulatory probes.

John Keller, CRM ARM CIC AAI is the Director of Risk Management and Claims at Gulfshore Insurance. John works with a wide range of business clients to deliver strategic risk analysis and guidance. Comments and questions are welcome at jkeller@gulfshoreinsurance.com

Tags: , , , , , ,