You read about it all the time and see it on the news. "The XYZ Corporation experienced a data breach this week that may have affected 350,000 customers." Of course, that's if you're not working 18 hours a day and have time to watch or read the news. It's out there, and it's going to happen to your business sooner or later unless you prepare for it now.
· Dedicate a Budget - Since cyber attacks are no longer "if" but are now "when", it makes sense to dedicate a budget for the various steps you'll need to take to keep your systems safe. Rarely do you see a line item on the expense sheet dedicated to cyber security.
· Risk Assessment - Contract with an experienced and reputable cyber-security firm to analyze your work environment and establish a complete list of defenses that need to be put in place.
· Preparation - Once your threat risks have been determined, it's time to commit those funds needed for the best software, training for staff members, and maintenance. Off the shelf software that was designed for personal home computers is not going to cut it. Your business is not safe using $20 software to defend against an attack that can cost many thousands of hard-earned dollars.
· Stay Informed - Keep an eye out for present threats that have been reported by newscasts and industry magazines. If you are taking serious action to protect your business, then get serious about knowing your threats.
Mitigate Your Risk
Your risk of a data breach is not as much about how your clients will react, but about what it will cost you financially when an attack occurs. Every state has regulatory requirements for what you must do following a cyber attack. These requirements are extensive and ongoing and considered punitive in most cases. The state regulators are more concerned about the consumer and less concerned about your business' survival. For this reason, you must mitigate your financial risk by obtaining a comprehensive Cyber Liability Insurance policy that provides the following coverage:
o Coverage for data loss and system damage - Your BOP will cover damage to your hardware from a covered peril, but provides no coverage for damage to the data.
o Business Interruption - You will typically suffer a loss of revenues resulting from downtime following a hack, virus, or denial of service.
o Notification Expense - Your state is going to demand certain notification requirements to be made at your expense. This is not limited to data that was compromised, but also data that is reasonably believed to have been compromised. You are also likely to be required to provide credit monitoring services which can result in significant additional expenses.
o Crisis Management - This coverage reimburses for the cost of public relations assistance. Your business brand has been attacked, and it takes an experienced PR professional to limit the resulting damages.
o Content Liability - This coverage provides reimbursement for costs associated with actions resulting from accidental copyright infringements, slander, and invasion of privacy.
Today is the day every business owner who hasn't already put Cyber Liability prevention and mitigation in place to get started. Contact a local professional to evaluate your risks and an insurance professional to help you mitigate them. Be afraid, be very afraid! If you have questions about cyber liability contact Skyline Risk Management, Inc. at (718) 267-6600 to discuss your concerns.