CALL TOLL FREE: 855-833-3604
Follow Zarwin Baum on Twitter Follow Zarwin Baum on Facebook Follow Zarwin Baum on YouTube Follow Zarwin Baum on LinkedIn Print Contact Us Office Locations

No Company is Too Big or Too Small for Cyber Crime

March 3, 2015

A recently released cyber claims study has produced some eye popping data for all businesses to consider in this, the “Year of The Cyber Breach.”  The NetDiligence Cyber Claims Study for 2014  – which is a survey of leading cyber insurers word-wide – reveals that hackers were the most frequent cause of cyber losses, with mistakes made by staff a distant second.  Malware/virus introduction into a company’s server and rogue employees also significantly contributed to cyber claims. And according to this year’s study, PII (personably identifiable information) was most often sought by cyber intruders.  PHI (personal health information) was the next likely record to be stolen, and PCI (payment card information) was a close third.

Most importantly, the study examined the real costs of cyber breaches to businesses and to insurance companies.  Hold onto your wallet, folks!  According to the study, the average claim payout was $733, 109, with the average claim payout in the Healthcare sector being $1.3 million, and for a large company, $2.9 million.  The average legal costs for companies and their insurers was $698,797.  Crisis services costs (forensics, notification, misc.) on average were $366,484.

Not too surprisingly, the study found that smaller organizations experienced the most incidents. The authors theorized that this is because smaller organizations are less aware of their exposure and commit fewer resources to risk assessment and data security and assessment.

So what is the take away from this study?  ALL businesses are targets for cyber-crime, no matter what their revenues. When it comes to a breach, it is not a question of “if”; rather, it is a question of “when.”  If your systems hold data that hackers want, you are vulnerable to attack and significant losses if you don’t put the right protections in place and a plan to deal with a breach when it occurs.  A few suggestions: consider hiring a cyber-forensics firm to conduct a cyber-risk assessment of your systems.  Ask yourself where, when and for what length of time is sensitive data stored, as storing data in one system can increase the damage from a single breach.  Consider encryption of sensitive information.  Implement a security awareness program in your business to guard against rogue employees and outsiders who may have access to terminals and passwords.  Finally, consider cyber insurance coverage.  Cyber insurance policies provide coverage for a variety of loses arising from a breach including, legal, forensics, business interruption, notification and reputational harm.

Ted Schaer is board certified in Privacy and US Data Protection (CIPP/US).  He advises clients on privacy and cyber related issues and leads the Zarwin Baum’s Data Breach response team. He is the Chief Information and Security Officer to the Firm.

HOME CONTACT SITE MAP DISCLAIMER © 2019 Zarwin Baum DeVito Kaplan Schaer Toddy P.C.