It seems that every time you turn on the television that another company is reporting that they have experienced a data breach. While the big businesses get the media attention, small businesses are affected as well. As a business owner or manager, you are probably asking, “How does this affect my company?”
Simply stated, a data breach is the unauthorized access or release of personal information to a third party. Privacy laws in each state define that businesses must protect customers’ and employees’ personally identifiable information and health information. They also define what information is considered personally identifiable and a business’s obligation in the event of a data breach. For most people the image of a hacker comes to mind, but a lost or stolen laptop could compromise your company’s data as well. For a small business, something as unseemly as an employee using their bookkeepers computer to access a website for with their child’s homework could lead to an infected website that would compromise the company’s data.
According to Symantec, the average annual cost of cyber attacks to small and medium-sized businesses was nearly $200,000 in 2010. Most small businesses don’t have that kind of money lying around, and as a result, nearly 60 percent of the small businesses victimized by a cyber attack close permanently within six months of the attack.
Many business owners believe that their General Liability insurance provides coverage for these types of losses, but it does not. Other businesses believe that if they use an online provider to manage their data they are protected, however, their user agreement typically holds the online provider harmless in the event of a data breach.
The first step is to make sure that your business is following best practices for its Information technology practices. The best defense is a strong offense and insurance companies want to see that you are doing your part to prevent data breaches from happening. The documents below provide some basic information to consider.
The second step is to have insurance to protect your business in the event of a loss. Morrow Insurance represents multiple companies that offer coverages for cyber risks depending on the needs of the business. Contact your Morrow Insurance agent for further information.
|Cyber Security for
|Four Components of
Cyber Risk Management
Preventing Data Breaches