As the holiday shopping season began last week, Cyber Monday became the heaviest day of online shopping ever. Cyber Monday is just one example of the increased online presence of businesses and individuals alike, and with so much information being transmitted and stored online comes the increased risk of a privacy breach. A recent article in Risk and Insurance gives a good illustration on how a company can be affected by a cyber breach and outlines where liability falls if and when a breach occurs. In general, any information stored electronically is at risk, regardless of the industry a company operates in and cyber attacks can seriously impact its day-to-day operations and financial wellbeing. You can access and read the article here.
A Breach of Private Information according to New York State General Business Law 899-aa occurs when security for material considered to be part of this definition has been compromised. This will trigger legal, social and, perhaps, contractual obligations for the Company to 1) notify the parties whose information has been breached; and 2) perhaps fend off attacks on the Company requesting money or threatening to disclose private information. The average cost to notify a party and arrange for monitoring exceeds $200 per record!!! A significant data privacy breach can have a devastating effect on a Company’s Total Cost of Risk (TCoR).
Incidences of cyber attacks and data breaches are on the rise in small to midsize companies. The theft of personal information is no longer relegated to the realm of multibillion-dollar corporations and government agencies. Most victims are targets of opportunity, and organizations face an array of direct and indirect costs (on average $710,000 per incident!). Many insureds think their comprehensive general liability policies will cover these security breaches, but they are wrong. Insurance policies contain gaps created by exclusions and endorsements, making having special cyber liability insurance coverage and a proactive approach to cyber risk management a necessity.
In the coming months The ALS Group will continue to provide updates on how cyber attacks and privacy breaches can affect a company’s Total Cost of Risk as well as sharing in depth analysis of this issue with our Clients and the Risk Management Community. Please check our website (https://thealsgroup.com) for updates on future articles and white papers, and if you have any questions or would like to discuss this topic in more detail please do not hesitate to contact Albert Sica at 732.395.4251 or [email protected].