Cyber Liability
What You Need To Know About Cyber Liability
For many years now, there has been awareness that companies should be accountable for the safeguarding of the personally identifiable information of their customers. One particular law that helped to raise awareness was the Health Insurance Portability and Accountability Act (HIPPA) of 1996. The vast majority of states have amended their state laws to address how companies and state agencies must respond to a security breach that results the compromise or potential compromise of personally identifiable information. Most state laws dictate that in the event of a breach, not only must the organization notify the affected individuals, but also the specific state agency.
Businesses such as health care providers, banks, law firms, accountants, hotels, retail stores, schools, public entities, charitable organizations, mortgage brokers, insurance agents, and other professional service providers, restaurants and any other business that maintains records of personally identifiable information all have a cyber liability exposure.
Today, the vast majority of businesses rely on their computer systems to run their business and to service their customers. The inability to operate their computer system due to a cyber attack can cause severe financial damage to the organization.
In order to protect your organization from cyber-attacks, the following cyber risk management techniques can be implemented:
- Train employees in cyber security principles
- Install, use and regularly update antivirus and antispyware software on every computer
- Use firewall for your internet connection
- Download and install software updates for your operating system as they become available
- Make backup copies of important business data and information
- Control physical access to your computers and network components
- Secure your Wi-Fi networks
- Require individual user accounts for each employee
- Limit employee access to data and information and limit authority to install software
- Regularly change passwords
In addition to the listed cyber risk management techniques, the Federal Communications Commission (FCC) provides a tool for businesses that can create and save a custom cybersecurity plan for your organization, choosing from a menu of expert advice to address your specific business needs and concerns. It can be found at www.fcc.gov/cyberplanner.
Even when an organization implements sound risk management techniques and protocols to prevent a cyber-attack, they can still fall victim to cybercriminals. In order to provide protection for both first-party losses (losses sustained by the organization) and third-party losses (losses sustained by others), an organization can purchase cyber liability insurance.
Not all cyber liability insurance policies are the same. Coverages can and will vary depending on the carrier and the insuring agreements purchased. When evaluating which cyber liability policy is appropriate for your organization, it is important to evaluate both the first-party insuring agreements and third-party insuring agreements being offered.
Key first-party insuring agreements include the following:
- Cyber Extortion - Costs to investigate, negotiate and settle threats made against the insured related to intentional computer attacks
- Privacy Breach Response - Expenses for breach response services such as notification, credit monitoring and indentity/credit repair
- Business Interruption - Loss of income due to interruptions in business caused by breaches of an organizations network
- Crisis Management - Expense of retaining a public relations firm to help mitigate damage to the organizations reputation and brand image caused by a cyber attack
Key third-party insuring agreements include the following:
- Technology Errors & Omissions - Error or omission in the performance of technology services resulting in third-party loss
- Privacy Liability - Failure to protect private or confidential information
- Security Liability - Failure of network and information security to prevent the transmission of computer viruses
- Media/Content Liability - Libel, slander, and other forms of disparagement, etc. with respect to the display of materials as well as infringement of a copyright by your website content
- Regulatory Actions - Regulatory actions brought by state or federal agencies to enforce privacy regulations
When evaluating cyber liability alternatives for your business, it is crucial to be sure that the policy you select to protect your business contains the appropriate insuring agreements. The Risk Management professionals at Hardenbergh Insurance Group can work with you to evaluate your exposure and to ensure that the appropriate coverage is in place to protect your business.
Join Our Newsletter
Get the latest news on insurance policies delivered to your inbox.
Latest News
Cyber Security
This is the Digital Age. Computers are everywhere: in your homes, schools, and businesses. Roughly 3.8 billion people use the Internet worldwide, with 78.2% of the US population (that’s roughly 252.6 million people) having Internet access. The Internet has given rise to many useful benefits – online education, ease of paying bills, a way to entertain and so on. Even with all the positive aspects of being online, there are negative aspects as well. Cybercrime, to be precise.
Cybercrime is a very serious threat and anyone who uses the Internet is susceptible to it. There are people out there who can ruin your entire life from knowing something as simple as your name or phone number. Your name, phone number, credit card PIN number, and even photos, make up your online identity. Safeguard them as best as you possibly can.
Cyber Security is the force that can combat cybercrime. It is for the protection of computer systems from any theft or damages to their hardware, software or information, as well as from disruption or misdirection of the services they provide. Just as you would secure your home, it is important to secure your identity online as well. Here are 5 ways that you can protect yourself from cybercrime:
Antivirus
One of the easiest ways that hackers can gain access to your personal information would be through viruses such as Trojans and Malware. Malware can record keyboard strokes and send them to an external source. This information can be used to record sensitive information that you enter, without you even realizing it. One method to combat this is to install a reputed antivirus program to detect and remove these harmful programs. Consider paying for a premium service of one, as opposed to the free version, since they tend to provide more features.
Professional Protection
If you trust your protection in the hands of another, then you’ll want to hire the best that you can afford. They can monitor your identity and take immediate action, should something shady arise. In certain instances, they can react to disturbances faster than you. Plus, the majority of services tend to be quite affordable.
Password Managers
Do you tend to save your passwords somewhere on your computer? Perhaps in a document or in your browser? Although browsers can provide some level of protection with your passwords, you shouldn’t depend on them completely. This is where professional password managing software come into play such as LastPass, 1Password, and Dashlane. They are all excellent choices to safeguard your sensitive logins. Even more so if you have sensitive company information.
Stay informed
New viruses and methods to steal private data are popping up all the time. Just recently, ransomware garnered much notoriety in global news in the form of the WannaCry attack that crippled thousands. You need to constantly stay informed to determine these new threats to your data and the best way to stop them.
Personal Caution
Don’t open emails from unknown sources and only download apps from legitimate platforms. Knowing this tactic can save you a lot of time, money, and trouble later on.
Facts About Cyber In New Jersey
(data collected originally by nj.com)
Ransomware: Malicious software designed to block and ultimately wipe the data of an infected computer unless a ransom is paid.
N.J. victims: 77
Losses: $373,996
Phishing: Unsolicited email or text messages that appear to come from a legitimate company or agency, seeking personal information or log-in credentials.
N.J. victims: 575
Losses: $401,737
Credit card fraud: Theft and fraud involving illegal charges to someone’s credit card.
N.J. victims: 292
Losses: $1.06 million
Corporate data breach: The theft or leak of confidential business or customer data.
N.J. victims: 292
Losses: $1.09 million
Extortion: Shakedown through threats of public exposure, physical harm or criminal prosecution
N.J. victims: 334
Losses: $1.4 million
Non-payment/non-delivery: Goods and services are shipped to a buyer who never pays/Payment is sent to a seller who never delivers the goods
N.J. victims: 1,973
Losses $3 million
Compromised email accounts: A scheme targeting both businesses and individuals regularly performing wire transfer payments, compromising email accounts to conduct unauthorized transfers of funds.
N.J. victims: 292
Losses: $8.69 million