Recent headlines highlight the large corporations that have recently come under cyber-attack such as Target, Zappos, and the US Department of Energy. What you don’t read about is the drastic increase in cyber breaches to small and mid-sized companies, up to 73% reported breaches in 2012 according to Jim Patterson, western zone network security and privacy specialist for AIG.
According to the 2013 Global Corporate IT Security Risks survey conducted by B2B International and Kapersky Lab, the average cost of a security breach for large companies is $649,000 and for small companies in North America, the average is $82,000. This figure includes costs from the data leakage itself, business continuity, remediation specialists, and unplanned response costs including future prevention through the hiring of staff, new hardware, and infrastructural updates. One must also consider the soft costs associated with a breach including loss of customers and goodwill advertising to retain or attract new customers.
When Zappos was hacked in 2012, CEO Tony Hseih shared some of his soft costs associated with the breach. He went on record and reported that if even 5% of his customers called in with questions and complaints, the result would be 1 million phone calls, drastically tying up staff and resources.
It’s not only the big companies that need to be concerned about hackers threatening their databases. Cyber breaches occur to businesses of all sizes. Common causes of loss include stolen or lost devices, rogue employees, malware, staff mistake, or even improper data collection.
Almost 80% of businesses in the U.S. have fewer than 20 employees. Many of these businesses typically are technologically unsophisticated. They often set up their point of sale systems, forget to service them, and some even forget to update their anti-virus software. Even if said companies are not holding customer credit card information, if two or more pieces of personal information are disclosed, customers must be informed of the breach which results in unplanned expenditures and loss of customer loyalty.
Studies show that only about a third of business have taken precautions to transfer the cyber risk through insurance. Thoughts are that many think costs associated with a cyber-breach will be covered by their commercial general liability policy. This is not correct and generally excluded. For most, companies assume that it can’t happen to them. This is naïve and threatening to the bottom line.
With the increase in cyber crime, comes an increase in carriers that offer cyber coverage. The buying process has improved drastically. Simple applications are provided and the coverage can be tailored to fit the individual needs of a company. With the increase in carriers and losses, comes a very competitive carrier market which is great for the consumer.
Protecting your data is your responsibility. If you have questions or are interested in learning more about cyber liability coverage, please contact Stimulus Technologies' Insurance Expert Partner, Julie Sloderbeck, AAI from Brown & Brown Insurance of Nevada at jsloderbeck@bbnevada.com or 702-816-1292.
