Tag: Cyber Security Insurance

5 businesses that need Data Breach Insurance

Insurance to protect a business in the instance it has a data breach is becoming much more common.  This risk is only going to grow stronger as more and more information is stored digitally.  There are three main policies a company can secure, Cyber Security, Cyber Liability and Technology Errors and Omissions Insurance.  The first two coverages are typically sold together and the third is sold to specialized technology companies. Not all small businesses will need Technology Errors and Omissions Insurance.

Data Breach Insurance

Cyber Security Insurance

Cyber Security Insurance is also known as Privacy Notification and Crisis Management Expense Insurance.  Cybersecurity insurance is designed to protect eh damages to you and your business.  It can mitigate losses from a variety of cyber incidents, including data breaches, business interruption, and network damage. A robust cybersecurity insurance market could help reduce the number of successful cyber attacks

Cyber Liability Coverage

Also termed, Information Security and Privacy Insurance, Cyber Liability Insurance covers the insured’s liability for damages to third parties resulting from a data breach. It does not cover expenses that deal with the immediate response.  This type of insurance protects businesses which sell products and services directly on the internet.  Also, it protects businesses which collect data within its internal electronic network.

Technology Errors and Omissions Coverage

Technology Errors and Omissions Insurance (also known as Professional Liability Insurance or E&O) is a form of liability insurance that helps protect businesses providing all types of technology services and products.  This coverage prevents businesses from bearing the full cost of defending against a negligence claim made by a client, and damages awarded in a civil lawsuit.

Consider the impact to your business if:

  • A software glitch causes a client to lose important data.
  • A flawed program installation keeps a client from receiving orders.
  • Missing code prevents a customer from booking reservations.

Costly mistakes can happen, even to people with the best training and years of experience. It’s human nature. That’s why Technology Errors and Omissions Insurance is essential to protect your business.  Agents at Technology Insurance Shop.com have the industry insight to help tailor coverage to your individualized needs.

Get the best answers to Cyber Security Insurance questions at MyInsuranceQuestion.com

 

Medical/Dental Offices

Medical Dental Offices store just about every bit of a client’s personal sensitive information.  This can include the customers date of birth or social security number, their credit card and bank account numbers, or even their sensitive medical information.  Protecting your business from the potential of this falling in to the wrong hands is extremely important for the long term success of any business.

Law Offices

Lawyers have a legal obligation to keep every bit of information they receive confidential.  When and if this information is made public it can have extremely drastic effects to the clients a law firm is representing.  Cyber security, cyber liability are needed for all law firms and depending upon the scope of the business, some law firms may also need technology errors and omissions coverage.  Speaking long and honestly with a trusted independent insurance agent can help determine the risks your law firm faces and what type of coverage you need.

Accounting Firms

Accounting Firms store clients most sensitive financial information. The information that they have is some of the most valuable information a cyber-criminal can get access to.  For this reason, it is extremely important to protect your accounting firm with cyber security and cyber liability insurance coverage.

Architecture and Engineering Firms

Architecture and Engineering Firms have access to the plans of new and existing businesses. If this information falls in to the hands of cyber criminals or the client’s competitors, the impact can be extreme.  These firms are one of the few businesses that need all three types of insurance related to data breaches. Cyber liability will cover your liability to third parties, cyber security will help with the damages to you and your business and technology errors and omissions coverage will help protect you from problems with technology expertise and advice your business may give.

Retail Businesses

Retail businesses are one of the most common places for cyber criminals to access a victim’s sensitive financial information.  As more and more purchases are made with a card instead of with cold-hard cash, retail establishments are a prime target for cyber criminals. Criminals use techniques as simple as a skimming machine at an atm or a gas station pay at the pump location.  Once the information is accessed it is commonly sold on the black market for other criminals to create fake debit and credit cards for access to the victims hacked accounts.

5 Insurance Policies you might not realize your Small Business needs.

Once a year every small business owners takes on the daunting task of purchasing insurance for their business. Most start with the bare minimum coverage. In most states it is legally required to have workers’ compensation and general liability coverage in place before you open your doors. This is just the bare minimum coverage a business needs to protect it from the risk the business faces. A few other coverages, like commercial property or auto coverage, are obvious to most business owners.  There are several other risks business owners may face that they may not realize. Here are 5 such coverages business owners may not realize they could benefit from.

 

Inland Marine

Inland marine coverage is a specialized form of property insurance for equipment your business owns that is not a piece of property nor a vehicle. It is frequently referred to as ‘floaters’ coverage. This is because the equipment covered is meant to be in transit.  A prime example of a company who needs this coverage is a landscaping company who has trailers and lawnmowers that they transport away from their premises on a regular basis.

Hired and Non-owned Auto

Many small businesses think if they do not own vehicles they do not need any form of auto coverage. That may be right, but in many instances this is not correct. If you have employees who run simple errands like running to the post office or to the bank to make change for the register than your business is liable for injuries that happen as a part of that business activity.  Another common time this coverage comes in hand is when you have employees who travel and use a rental car as part of their trip. In most instances the coverage you buy from a rental car coverage will cover the car you are driving, but not other liability risks related to the business. Hired and Non-owned Coverage take help protect your business from those risks.

Cyber/Data Breach Coverage

Cyber insurance consists of two coverages that are almost always sold in tandem. One covers first party damage to you and your business and the other covers third party liability to third parties who may be damaged by your business as the result of a data breach.

EPLI

Employment Practices Liability Insurance is a specialized type of liability coverage for wrongful acts the may arise from the employment process. This coverage includes claims that include wrongful termination, discrimination, sexual harassment, and retaliation.  Depending upon the carrier and the particular policy you secure it can extend to cover claims like inappropriate workplace conduct, defamation, invasion of privacy, failure to promote, deprivation of a career opportunity, and negligent evaluation.  Lawsuits of this type have been on a steady increase for two decades.  If you stay in business long enough it is a matter of when, not if, you face an EPLI Claim.

Owners and Officers Coverage

This type of insurance coverage is specifically designed to cover defense costs and damages arising out of wrongful act lawsuits brought against an organizations board of directors or officers.  It is crucially important to have this coverage in place for growing small businesses and especially Non-profits.  Officers can provide very beneficial guidance to these types of organizations and one claim, whether founded or not, can result in huge losses for the organization.

6 Ways to Keep Your Small Business Safe

Safety can mean a lot of things to a lot of people. In the business world, the perception of safety can mean a lot of things to a lot of different business owners. What it takes to properly protect your business should be something that is taken very serious by all of the decision makers within your business. Safety can mean securing the property at night when you are away from the building or it can mean properly training your employees to use the equipment they will be using as part of their job. It can even be having the proper policies in place to prevent your business from a data breach. There is a laundry list of things that can be included in your businesses strategy to properly keep your business safe. Here are 6 strategies to keep in mind when protecting your small business.

Hire the right people

It may seem obvious, but the people you hire are your most precious asset. Making sure they are the right people can go a long way towards the safety of your business. There are many ways you can go about checking up on your applicants. Criminal background checks, motor vehicle driving records, investigating their references and checking their college transcripts are all great places to start. Sometimes you will have to rely on your gut reaction to them from an interview, but taking extra time to make sure the people you hire are the right people will start your business off on the right foot when attempting to keep your business safe.

recruiting-new-employeeshire

Train people effectively in the first place

Once you have hired the correct people for your organization it is not enough to just set them loose. You must properly train them in the art of protecting your business the way that is best for your organization within your industry. and think everything in your business will remain secure. They need to know what is important to your organization and how you expect them to conduct business. This may seem obvious, but far too many business owners forget this part of their organization. An employee in HR or Marketing might be coming to you from another industry. They may not see the potential risk that exists for your business in your industry. Take the financial services industry for example. This industry deals with every bit of a customers’ sensitive information, most importantly their financial accounts. If they are coming from another industry where the business does not have access to these types of materials’ they may not fully understand the need to safeguard everything they do. Another industry, like commercial cleaning, has risks where they are allowing employees in to a business after hours when they are the only people in the facility. This opens up the possibility for theft or access to internal computer networks. Training new employees properly will prevent risks from getting out of hand later.

Have well-documented, well thought out Safety Programs

Safety programs entail a lot depending on your business. Don’t be afraid to make them more or less extensive based on the needs of your business. It should start during the initial training/onboarding process for all employees. If you make it clear to them from the beginning that safety is important to your business than they will implement this in to their daily work routine. Like many things in life it is always easier to start tight and loosen up than to start loose and try to tighten up later. That works for a safety program as well.

Defensive Driving Class

Defensive Driving Program

Having a Defensive Driving Program in place can make drastic difference in the frequency and severity of accidents that occur among your employees. If you have employees that operate a vehicle as part of their job they need to have their driving record pulled at least once a year. As part of the hiring process, many businesses require employees to pay for the driving record themselves. This can help weed out applicants with the worst driving records. It saves you time and money on the front end from going through the hiring process with someone who will not be getting the job because of their driving record.

Buying the proper insurance.

Having proper insurance is essential to any good business plan. How much and what types of insurance a business needs, is completely dependent upon the business owner. It depends on how much risk they are comfortable taking and what types of risk they actually face. This is something a good independent insurance agent can help you determine. Many business owners face risks they do not realize and that is where having a long honest conversation with your agent can help you get properly insured. In most states and in most industries it is legally required to carry Workers Compensation and General Liability Coverage. But there are several other coverages that may be necessary depending upon the industry you operate in. Most carriers have programs set up for each specific classification code and they are called Business Owners’ Policies. In most cases this is the best way to go about purchasing commercial insurance.

Take cyber security seriously

Cyber security is a real threat to nearly all businesses. Regardless of how technologically advanced your business is there is a threat in the cyber world. Two of the largest data breaches in history were first started by small businesses first being hacked and allowing access to a larger network of customers through a vendor partnership. Many business owners think data breaches occur through highly technological criminals hacking in to a computer. That is the source of many data breaches, but many start with something as simple as someone leaving out a post-it note with their username and password or an employee taking a laptop home for remote work and the laptop getting stolen out of their car. Those are real risks that any business can have and they can cause a huge cost to your business when they do happen.

Get the best answers to Cyber Security questions for small business owners here at my insurance question.com

Data security becoming a bigger issue for hotels

The hotel industry is seeing a rapidly growing trend of data security breaches that are part of the latest trend of industries targeted by cyber criminals. The trend is now reaching the radar of the general public, after Hilton Hotels & Resorts acknowledged hackers stole credit card information from a large number of the franchise locations in November.

According to Barry Kouns, President & Chief Executive Officer at Risk Based Security, there have been 49 reported data breaches from the hospitality industry between 1/1/14 and  11/31/15. Kouns acknowledges that many breaches go unreported by organizations. Of the group of reported breaches, almost 60% exposed client credit card numbers, according to Risk Based Security.

This two-year long trend first received some notice after hotel owner, developer and management company White Lodging acknowledged a cyber hack in the first quarter of 2014. That attack (as has been the case with the Hilton breach and the Mandarin Oriental data breach) targeted point-of-sale devices inside of restaurants, coffee bars and gift shops located within the 14 hotels breached. The White Lodging  cyber attack was where the issue really first came on the radar for the hotel industry.

In fact, that attack prompted John Buchanan to write his article “Sources: Data breach shows industry liability” on Hotel News Now.com. In that report, Buchanan sites an expert who discusses how the industry is being threatened and is seen as a good target for cybercriminals — especially for franchise chains within the industry.

Part of the reason franchises make such an attractive target is because the franchise models typically have a standardized model, even within their computer systems. Because of that standardization, when a security deficiency exists within a specific system, it can be used against the entire franchise.

Former Washington Post reporter Brian Krebs broke both the Hilton and White Lodging breaches on his blog, Krebs on Security. White Lodging confirmed a second data breach in February 2015, attacking the same systems in different hotels.

What can hotels do to protect themselves?

The biggest issue most hotels seem to struggle with centers around their inability to quickly implement security patches in their networks. One of the easiest suggestions Mr. Kouns offers to those in the hospitality industry is for the company to conduct regular network scans and to fix issues.

Another key implementation step is to make sure that anti-virus software and definitions are kept updated. New viruses come out every day and the anti-virus protection software is usually pretty good at staying on top of the new viruses, offering fixes regularly. If a company isn’t updating their anti-virus software, that company is leaving itself exposed for a potentially avoidable hack.

Risk Based Security is one of several companies that offers different solutions to businesses to help them mitigate their risk of a data breach. They offer a subscription service designed to provide clients with the tools, services and resources to stay informed about the latest security threats and have ready access to security expertise while maintaining a continuous improvement posture.

Another key element is providing training to employees regarding cyber security. Many data breaches occur when an employee has either visited a website or clicked on an email that corrupts the computer. Most of the time, the employee is aware that they have made a mistake … but since nothing obvious happens right away the employee is tempted to stay quiet rather than bring up the issue to their IT department and potentially get in trouble.

Some of the most successful companies to avoid data breaches discuss open communication and react in a supportive way when a computer is attacked. That reaction encourages employees to report potential data breaches, which can make the difference between catching an issue quickly, or having your company’s name attached to the next data breach report.

What is Cyber Insurance? Does my business really need it?

Cyber Insurance is a new and emerging part of the insurance sector. Most of the coverages are so infant that common terms have not yet been established by the insurance industry. Most of the risks associated with cyber technology are so new that many business owners still think they do not effect their business. Those business owner’s are wrong.  In today’s day and age, it is becoming more and more difficult to operate a successful business without a presence online or without storing some type of information about your customers. In these situations a business must have cyber insurance or run the risk of being liable for all costs as a result of a data breach.

Learn how to prevent your small business from being a victim of a cyber attack at myinsurancequestion.com

A normal General Liability Insurance Policy does not cover damages caused by most data breaches. This is a fact many business owner’s do not realize. Many business owner’s think General Liability Insurance is an all encompassing coverage. It is not all encompassing. Most General Liability Policies covers losses due to bodily injury and property damage. Third party information lost in a data breach does not fall under losses covered by a General Liability Policy. A separate Cyber Insurance Policy is necessary in addition to a General Liability Policy.

Frequently business owner’s think they just don’t have enough customers for cyber insurance to be relevant. They might think not enough people in their business even use a computer for business purposes or they do not have enough customers for someone to want to hack them, but the main way data is stolen is not from sophisticated hacking techniques. Data is often stolen by someone stealing a laptop. A stolen laptop could happen to any business, not just those who work with advanced computer technology.

When a data breach does occur, the average cost to a business is around $200 dollars per customer. If your business loses the information of 100 customers, it could cost your company $20,000. If that amount were 10,000 customers it would cost about $2 million. Could your business survive a loss of these amounts? If not than you need some form of cyber insurance.

There are three main types of coverage a company may need:  Cyber Liability, Cyber Security and Technology Errors and Omissions. The first two deal with coverage resulting from a data breach. The third deals with companies that provide technology services and products.

Keep your business secure from a data breach by reading the most up to date information about cyber insurance at my insurance question.com

Cyber Security

Cyber Security is the term most commonly used to refer to first party coverage. First party coverage deals with damages to you and your company. These damages are often referred to as the immediate response costs resulting from a data breach. These costs include notifying all customers who are affected, hiring a forensic team to find out how the breach occurred and providing credit monitoring services for up to one year. These three costs are required by law in most states. Cyber Security Coverage would also cover costs like hiring a public relations firm to help repair your businesses tarnished image and setting up a post breach call-center to service customer concerns.

 Cyber Liability

Cyber Liability is the term most commonly used to refer to third party liability dealing with a data breach. Some industry professionals may refer to it as Information Security and Privacy Insurance. Third party coverage deals with damages to anyone who is not you or your employee, who was harmed by the data breach. It includes customers whose data was stolen or vendors you do business with. This will pay up to the policy limits for court costs, defense costs, some fines related to the breach and lost monies that were stolen from those effected.

Technology Errors and Omissions

The final type of coverage is Technology Errors and Omissions Insurance. This type of policy is a form of liability insurance that helps protect businesses providing all types of technology services and products. This coverage prevents businesses from bearing the full cost of defending against a negligence claim made by a client, and damages awarded in a civil lawsuit. Costly mistakes can and will happen, even to employees with the best training and years of experience. Technology Errors and Omissions Insurance is designed for when these errors take place. A good example where this coverage is necessary would be if a web developer provided faulty coding that causes a business to be closed for several days because their website is down.

Not all businesses need all three of these coverages. The most common coverages businesses need are Cyber Liability and Cyber Security. Not all businesses will need Technology Errors and Omissions Insurance, but those that do typically are at a very high risk if not insured. Most insurance providers prefer to offer these coverage’s as a part of a Business Owner’s Policy (BOP). A BOP usually includes general liability, business property, business loss of income, EPLI and cyber insurance. Offering packages like this contain the cost to the business and helps ensure there are no gaps in coverage. In today’s business climate some form of cyber insurance is essential to all businesses. Is your business at risk?