It appears that over the past several weeks, it is becoming evident that Data Breaches are increasingly becoming a cost of doing business in the digital age. The big challenge is avoiding common mistakes in the aftermath. A little planning in advance can help restore an organization’s credibility since many remember the response far longer than the breach itself. Read the article as this expert has some great points.
Penn Station East Coast Subs, a popular food chain in Midwest USA, issued a warning to customers via its website on Friday, after some 20% of their franchisee-owned restaurants suffered a data breach. The breach resulted in unauthorized access to an untold number of debit and credit cards. Penn Station East Coast subs is a popular place to eat in the Midwest and will likely suffer loss of income due to this breach, notification expenses and will have to do some brand rebuilding to get there sales back on track. Now this may not seem like a big deal, but this data breach could cost this franchisor hundreds of thousands, if not millions when all the dust settles. The breach was reportedly going on for some 2-3 months and anyone who ate at their restaurants during that time period may have had their credit card information compromised. If the company has a good Cyber Liability policy including data breach in place then it should weather the storm. If not, I wouldn’t want to be their insurance advisor! Or should I say old advisor…for the full story
The Obama Administration unveiled a “Consumer Privacy Bill of Rights” this past month as part of a comprehensive blueprint to improve consumers’ privacy protections and ensure that the Internet remains an engine for innovation and economic growth. The blueprint will guide efforts to give users more control over how their personal information is used on the Internet and to help businesses maintain consumer trust and grow in the rapidly changing digital environment. Consumer Privacy Bill of Rights Yet another reason why every business should have some type of cyber liability insurance to cover them in the event of a claim.
Every IT organization knows that a data storage device failure is inevitable. The failure may come from a malware attack, a spilled cup of coffee or a dropped computer. Companies are usually challenged with recovering data from drives that have not been backed up. According to a report released by the Ponemon Institute, of the 87% who responded, 21% reportedly had a data breach in the past 2 years, and said the drive that was affected was in their possession. The study went on to point out that a number of companies did not have a reputable data recovery vendor in place. These companies not only suffered a business interruption, but where also vulnerable to a loss or theft of sensitive and confidential information. Every company should have a policy in place with guidelines, for selecting a reputable data recovery service provider. Here is the link to the full report downloadable as a Whitepaper sponsored by DriveSavers
Tracey Vispoli, SR VP and Cyber Liability Mgr. with Chubb Insurance company speaks about Cyber Liability Insurance Tracey speaks out about the growing need for this CL protection. Coverage that was originally developed for the financial institution world is now needed by any business that handles personal information of its clients. She feels that it is just a matter of time before most everyone is compromised. Her inerview is posted on Property & Casualty 360. A insurance underwriter website dedicated to educating the insurance industry. Tracey’s Interview
According to a blog written by David Harlow he is estimating that in the medical industry, the going rate for a compromised medical record is $1000. Maybe that doesn’t seem like alot, but if you have 4.24 million members as Sutter Health has, that ads up to $4.24 billion claim. Any size company that is handling personal identifiable information today needs to have cyber liability in place. Depending on your company size, you may be able to get it added to your current general liability policy. If not, there are several companies that are offering standalone policies that will give you coverage for this type of security breach. When you looking around for coverage make sure you get data breach coverage that covers not only your company as the 1st party, but you also want 3rd party coverage. You may incur costs for the following:
- Rebuilding of data and repair your computer system.
- Forensic investigation as to what happened.
- Rebuilding or your companies reputation
- Compliance with HIPPA regulations
- 1-2 years of credit monitoring for the 3rd parties
Texts can resurface in employment law litigation, so employees should be trained to keep all of their communications, including texts, professional. All too often, employees think that their texting is personal. Texting is now being introduced as evidence in employment litigation in the workplace. Is your employee covered under your business insurance for inappropriate behavior in this area? http://smallbusiness.aol.com/2010/12/15/the-8-rules-of-smartphone-etiquette/
Recently the House Energy & Commerce Subcommittee held meetings on Communications & Technology. Witnesses testified on cyber security threats to US small business sector as well as the government. What should be the governments role in this be if any? http://222.c-spanvideo.org/program/PrivateSect