Tag: Cyber Security

Do you know the early warning signs of a Data Breach?

According to a report release by released by the Identity Theft Resource Center (ITRC) and CyberScout, more than 1500 business were the victim of a Data Breach in 2017. The cost of these data breaches, according to a Cost of Data Breach Study administered by the Ponemon Institute, was $3.62 million. This amounts to more than a $5 Billion cost to the business community in 2017 alone. This is a risk that your business can protect by purchasing adequate Cyber Insurance, but there are additional steps that can protect your business from a data breach on a daily basis.  Here are six things every small business should do to prevent a Cyber Attack.

Data Breach Insurance is a must for all Small Businesses.

Hire people who know Cyber Security

If you are not technologically advanced, it is imperative that you hire someone who is and pay them well. The average price of a data breach is TKTKTK. Hiring a well-trained professional to protect your business is extremely important. Paying them a good salary is the best way to keep them from being poached by the competition.

To prevent a Data Breach, Watch for Unusual Behavior

If a computer program that you use daily starts acting up, investigate it for more than just a hardware or software malfunction. Any time there is an irregularity, check that system for any further compromises.

Investigate Suspicious Files

Any time malware is detected, or an employee reports opening a suspicious file, do not take any chances. In the American system of justice, defendants are innocent until proven guilty. Well in the realm of cyber security, it is always best to assume the system is infected until proven other wise.

Run Scans to prevent a Data Breach

Anti-virus and anti-malware programs need to be up-to-date. Someone within your business should run vulnerability programs to look for missing protections or other security risks.

Check Your Credit

Customer information is not the only confidential information on your businesses server. There is plenty of information about your your business and the employees.  If you are a small business owner you should keep a tight watch on both your business and personal credit history. A drastic change in either of these reports can show your business has been compromised.

Monitor Computer System Communication for signs of a Data Breach

Your or your IT representative should regularly monitor communication patterns on your network. If use see an employee’s computer transmitting large amounts of data, especially outside of the network, it could be a sign of a hack.

 

Drones and Aerial Photographs

Drones are helping the insurance industry process claims much quicker in disaster ridden areas.

In the wake of three devastating hurricanes this fall, many insurance carriers have begun to use drones and and other aerial vehicles to aide in the claims process.  The use of drones have sped up the turn around time for claims processing dramatically.

Drones and Aerial Photographs

Unfortunately, this fall far too many small businesses are beginning to understand the need for protecting their small business with adequate insurance. These same business owners are also getting more familiar with the claims process between the business, the insurance agency and the insurance carrier.  If they did not know before, they are becoming familiar with at this time, the fact of how crucial it is for a claim to be processed quickly.  Getting victims back to everyday life can have an enormous impact on the communities impacted by natural disasters. This is what the insurance industry is striving to help the communities hurt by the hurricanes over the past few months.

Technology is helping in many ways. First, drones are helping carriers take both still photos and video to observe properties they are not physically able to visit. The carriers can use the information they get from drones, both in the form of aerial photographs and video, to create 3D images of the impacted area. Technology is now allowing them to do this at scale and determine what percentage of a property is destroyed without ever setting foot on the property. Now, this is not possible in all circumstances, but it is possible in many. Every case that is sped up, frees the adjusters to move on to other victims who desperately need help.

According to an article with the Insurance Journal, a recent KPMG (Klynveld Peat Marwick Goerdeler) Survey found, “the two biggest challenges facing insurers are the difficulties in assessing property damage and managing customer expectations”. As a result of the same survey insurance executives overwhelmingly said, ‘To improve claims efficiency and communication with customers, insurance executives cited the use of drones as one of the technologies they will utilize to help quickly settle claims’. Drones are helping with these exact problems facing the insurance industry, by allowing those within the industry to show the victims, with pictures and video, what they are doing and how they are going about doing it.

Through the use of drones many companies within the industry are able to drastically speed up the processing time for claims by allowing the insurance claims processor to get a majority of the claims process done without the ability to physically visit the property. Once they are able to get out to the property, insurance professionals can use the drone to examine several properties in a particular area in a short amount of time. This allows the claims adjuster to spend a short amount determining what properties are most devastated and will need the most of his time. It can also allow the adjuster to determine if another property does not need any further observations on his part and free up time for him to observe other areas that are severely devastated.

This is just the tip of the iceberg for how this and other technologies will help the insurance industry, better serve their clients in the future.

 

3 Types of Cyber Insurance Every Business Should Have

What if my business does not deal with computers? Does that mean I really don’t need Cyber Liability Insurance?  What if I am the only person in my business who uses a computer?  Doesn’t that mean I don’t face all that much risk?  Let’s say I might need Cyber Insurance, but what kind and how much?

Do any of these statements sound familiar? If so, you definitely need Cyber Liability Insurance. The term Cyber Liability Insurance is used pretty generally because cyber security is such a young sector and the data about the risks are changing very rapidly.  Business owners and insurance companies are still having trouble determining who is at risk and how much risk those businesses actually face. Just because this is a new type of insurance coverage does not diminish the importance it can have for protecting your business.

Cyber Liability Insurance

Many business owners think a data breach can only occur to a big multi-national corporation. For the big data breaches that make the news, this is certainly true, but the truth is most data breach first start out with small mom and pop businesses. These mom and pop businesses are first hacked with the hackers intention of gaining access to a much larger database.  This usually occurs through carious types of vendor partnerships. In the case of Target and Home Depot both of these breaches were first accessed by a much smaller business partner, who was hacked.  For this reason it is immensely important for you to talk with an experienced independent insurance agent about all the risks your business faces.

The three main types of Cyber Liability Insurance Coverage are Cyber Security, Cyber Liability and Technology Errors and Omissions Insurance. The first two deal with risks relating to a Data Breach. The third deals with companies that provide technology services and products.

Cyber Security

Cyber Security Insurance is also known as Privacy Notification and Crisis Management Expense Insurance.  This coverage includes coverage for first party damage to you and your business. This coverage does not protect your business from damage done to third parties. Cyber Security Insurance deals specifically with the immediate response costs associated with a data breach. In many cases it is required by law to find out how the breach occurred, notify those affected and provide credit monitoring services for one year.

Examples of costs included in Cyber Security Coverage include:

  • hiring a forensics expert to determine the cause of the breach, suggest measures to secure the site and prevent future breaches

  • hiring a public relations agency to assist in dealing with the crisis

  • setting up a post-breach call center

  • notifying affected individuals whose personally identifiable information (PII) has been compromised

  • monitoring these individuals’ credit (usually for 1 year)

  • paying the costs to “restore” stolen identities as a result of a data breach (e.g., expenses of notifying banks and credit card companies)

Cyber Liability

Cyber Liability

Cyber Liability Insurance, also termed Information Security and Privacy Insurance, covers the insured’s liability for damages resulting from a data breach. It does not cover expenses that deal with the immediate response cost. This type of insurance protects businesses which sell products and services directly on the internet.  Also, it protects businesses which collect data within its internal electronic network. The most common forms of data breach involve personal or financial information like credit card numbers, bank account information, social security numbers, health information, trade secrets or intellectual property.

The types of situations where this information are accessed include:

  • An employee’s car is broken into and a business laptop is stolen.

  • An email containing sensitive customer information is sent to the wrong person.

  • Important paperwork, like a credit application, is taken during a break-in.

  • Failure to timely disclose a data breach.

Technology Errors and Omissions

Technology Errors and Omissions Insurance, also referred to as Professional Liability or E&O, is a form of liability coverage that protects businesses who provide or sell technology services and products. This coverage prevents businesses from bearing the full cost of defending against a negligence claim made by a client, and damages awarded in a civil lawsuit. This can include business who sell and service computer products, but it can also include graphic designers and advertising agencies who create digital content that can harm a company’s reputation. It covers computer programmers who may create faulty code for a website that causes that business to mail products to the wrong addresses.

Cyber Liability Insurance is a new and emerging part of the insurance industry and it is not going anywhere. These risks are only going to become stronger as more and more business operate online. Before too long Cyber Security Insurance will be a normal part of businesses insurance policy just like workers compensation Insurance and general liability Insurance are today. Now is the time to consider if and how much cyber insurance your business needs.

5 businesses that need Data Breach Insurance

Insurance to protect a business in the instance it has a data breach is becoming much more common.  This risk is only going to grow stronger as more and more information is stored digitally.  There are three main policies a company can secure, Cyber Security, Cyber Liability and Technology Errors and Omissions Insurance.  The first two coverages are typically sold together and the third is sold to specialized technology companies. Not all small businesses will need Technology Errors and Omissions Insurance.

Data Breach Insurance

Cyber Security Insurance

Cyber Security Insurance is also known as Privacy Notification and Crisis Management Expense Insurance.  Cybersecurity insurance is designed to protect eh damages to you and your business.  It can mitigate losses from a variety of cyber incidents, including data breaches, business interruption, and network damage. A robust cybersecurity insurance market could help reduce the number of successful cyber attacks

Cyber Liability Coverage

Also termed, Information Security and Privacy Insurance, Cyber Liability Insurance covers the insured’s liability for damages to third parties resulting from a data breach. It does not cover expenses that deal with the immediate response.  This type of insurance protects businesses which sell products and services directly on the internet.  Also, it protects businesses which collect data within its internal electronic network.

Technology Errors and Omissions Coverage

Technology Errors and Omissions Insurance (also known as Professional Liability Insurance or E&O) is a form of liability insurance that helps protect businesses providing all types of technology services and products.  This coverage prevents businesses from bearing the full cost of defending against a negligence claim made by a client, and damages awarded in a civil lawsuit.

Consider the impact to your business if:

  • A software glitch causes a client to lose important data.
  • A flawed program installation keeps a client from receiving orders.
  • Missing code prevents a customer from booking reservations.

Costly mistakes can happen, even to people with the best training and years of experience. It’s human nature. That’s why Technology Errors and Omissions Insurance is essential to protect your business.  Agents at Technology Insurance Shop.com have the industry insight to help tailor coverage to your individualized needs.

Get the best answers to Cyber Security Insurance questions at MyInsuranceQuestion.com

 

Medical/Dental Offices

Medical Dental Offices store just about every bit of a client’s personal sensitive information.  This can include the customers date of birth or social security number, their credit card and bank account numbers, or even their sensitive medical information.  Protecting your business from the potential of this falling in to the wrong hands is extremely important for the long term success of any business.

Law Offices

Lawyers have a legal obligation to keep every bit of information they receive confidential.  When and if this information is made public it can have extremely drastic effects to the clients a law firm is representing.  Cyber security, cyber liability are needed for all law firms and depending upon the scope of the business, some law firms may also need technology errors and omissions coverage.  Speaking long and honestly with a trusted independent insurance agent can help determine the risks your law firm faces and what type of coverage you need.

Accounting Firms

Accounting Firms store clients most sensitive financial information. The information that they have is some of the most valuable information a cyber-criminal can get access to.  For this reason, it is extremely important to protect your accounting firm with cyber security and cyber liability insurance coverage.

Architecture and Engineering Firms

Architecture and Engineering Firms have access to the plans of new and existing businesses. If this information falls in to the hands of cyber criminals or the client’s competitors, the impact can be extreme.  These firms are one of the few businesses that need all three types of insurance related to data breaches. Cyber liability will cover your liability to third parties, cyber security will help with the damages to you and your business and technology errors and omissions coverage will help protect you from problems with technology expertise and advice your business may give.

Retail Businesses

Retail businesses are one of the most common places for cyber criminals to access a victim’s sensitive financial information.  As more and more purchases are made with a card instead of with cold-hard cash, retail establishments are a prime target for cyber criminals. Criminals use techniques as simple as a skimming machine at an atm or a gas station pay at the pump location.  Once the information is accessed it is commonly sold on the black market for other criminals to create fake debit and credit cards for access to the victims hacked accounts.

6 Ways to Keep Your Small Business Safe

Safety can mean a lot of things to a lot of people. In the business world, the perception of safety can mean a lot of things to a lot of different business owners. What it takes to properly protect your business should be something that is taken very serious by all of the decision makers within your business. Safety can mean securing the property at night when you are away from the building or it can mean properly training your employees to use the equipment they will be using as part of their job. It can even be having the proper policies in place to prevent your business from a data breach. There is a laundry list of things that can be included in your businesses strategy to properly keep your business safe. Here are 6 strategies to keep in mind when protecting your small business.

Hire the right people

It may seem obvious, but the people you hire are your most precious asset. Making sure they are the right people can go a long way towards the safety of your business. There are many ways you can go about checking up on your applicants. Criminal background checks, motor vehicle driving records, investigating their references and checking their college transcripts are all great places to start. Sometimes you will have to rely on your gut reaction to them from an interview, but taking extra time to make sure the people you hire are the right people will start your business off on the right foot when attempting to keep your business safe.

recruiting-new-employeeshire

Train people effectively in the first place

Once you have hired the correct people for your organization it is not enough to just set them loose. You must properly train them in the art of protecting your business the way that is best for your organization within your industry. and think everything in your business will remain secure. They need to know what is important to your organization and how you expect them to conduct business. This may seem obvious, but far too many business owners forget this part of their organization. An employee in HR or Marketing might be coming to you from another industry. They may not see the potential risk that exists for your business in your industry. Take the financial services industry for example. This industry deals with every bit of a customers’ sensitive information, most importantly their financial accounts. If they are coming from another industry where the business does not have access to these types of materials’ they may not fully understand the need to safeguard everything they do. Another industry, like commercial cleaning, has risks where they are allowing employees in to a business after hours when they are the only people in the facility. This opens up the possibility for theft or access to internal computer networks. Training new employees properly will prevent risks from getting out of hand later.

Have well-documented, well thought out Safety Programs

Safety programs entail a lot depending on your business. Don’t be afraid to make them more or less extensive based on the needs of your business. It should start during the initial training/onboarding process for all employees. If you make it clear to them from the beginning that safety is important to your business than they will implement this in to their daily work routine. Like many things in life it is always easier to start tight and loosen up than to start loose and try to tighten up later. That works for a safety program as well.

Defensive Driving Class

Defensive Driving Program

Having a Defensive Driving Program in place can make drastic difference in the frequency and severity of accidents that occur among your employees. If you have employees that operate a vehicle as part of their job they need to have their driving record pulled at least once a year. As part of the hiring process, many businesses require employees to pay for the driving record themselves. This can help weed out applicants with the worst driving records. It saves you time and money on the front end from going through the hiring process with someone who will not be getting the job because of their driving record.

Buying the proper insurance.

Having proper insurance is essential to any good business plan. How much and what types of insurance a business needs, is completely dependent upon the business owner. It depends on how much risk they are comfortable taking and what types of risk they actually face. This is something a good independent insurance agent can help you determine. Many business owners face risks they do not realize and that is where having a long honest conversation with your agent can help you get properly insured. In most states and in most industries it is legally required to carry Workers Compensation and General Liability Coverage. But there are several other coverages that may be necessary depending upon the industry you operate in. Most carriers have programs set up for each specific classification code and they are called Business Owners’ Policies. In most cases this is the best way to go about purchasing commercial insurance.

Take cyber security seriously

Cyber security is a real threat to nearly all businesses. Regardless of how technologically advanced your business is there is a threat in the cyber world. Two of the largest data breaches in history were first started by small businesses first being hacked and allowing access to a larger network of customers through a vendor partnership. Many business owners think data breaches occur through highly technological criminals hacking in to a computer. That is the source of many data breaches, but many start with something as simple as someone leaving out a post-it note with their username and password or an employee taking a laptop home for remote work and the laptop getting stolen out of their car. Those are real risks that any business can have and they can cause a huge cost to your business when they do happen.

Get the best answers to Cyber Security questions for small business owners here at my insurance question.com

4 ways your Small Business can prevent a Data Breach

In today’s day and age, there are many ways businesses take and face risks. Some businesses are in industries where they take risks just in the fact that they are open for business. That can be a roofing company who has employees who climb on top of a house on a daily basis. Other businesses face risks in hiring and firing employees, generating enough revenue to stay afloat and most importantly the risk of becoming victim to a data breach.  Most business owners do not think twice about purchasing commercial property insurance, but many still hesitate to secure small business data breach insurance.  This is a mistake because it does not matter the size nor the scope of your business, every business is a target for being hacked and every business is at risk for a data breach.

Obtain the best information about how to protect your small business from a cyber attack and where to buy small business data breach insurance at myinsurancequestion.com

Two of the largest data breaches in history were Target and Home Depot. Both of those breaches were accessed by first hacking in to a smaller company before gaining access to the larger company. Niether of these businesses had Small Business Data Breach Insurance. In the case of Target, the company was Fazio Mechanical Services and in the case of Home Depot, the company provided credit and debit card processing. These companies had been hacked weeks if not months prior to accessing the system of the larger company.  If your business works for any larger business than you could be at risk of being a target for hackers. If you choose to protect your business with data breach insurance this may not be as damaging.  Even if your business does not partner with larger companies you could still be a target for hackers just to get the information of your customers. This is a costly risk that you are taking without properly insuring your business and without taking precautions to protect your business. According to the Ponemon Institute it costs a business on average $174 per record. Other studies show it costing more. Taking these numbers in to consideration it would cost your business more than $17,000 for just 100 records being compromised. if that were 1,000 records it would cost $174,000. If that is not a cost your business can withstand than you need to have Small Business Data Breach Insurance Coverage and on top of that you need to be taking the proper steps to preventing this from happening. Here are four simple things your business can do to prevent a data breach.

Train your employeesLearn about the needs for Small Business Data Breach Insurance at My Insurance Question.com

The prevention of data breaches starts with your new hire training. If an employee is going to be using a computer they need to be trained on how to protect the company from being at risk. Do not assume employees know how to do this. Many employees may be very capable of doing a job for your business that is necessary. This does not mean they are computer savy and are properly trained to protect your business from intruders. Take the time and effort on the front end to properly prepare your employees to defend your business against hackers and it will provide dividends on the back end.

Help each employee protect their work space

Logging out and locking up your desk when away and over night are crucial. Even if the employee is just stepping away to the restroom it is crucial to lock up their devices. In most business environments, there are customers, vendors and other employees who may gain access to your computer while you are away.  You do not have to create a culture of mistrust to do this. On top of locking down your devices it is also important to not write down passwords on a post it note or some other piece of paper. It may be rare, but if these passwords fall in to the wrong hands it can cost your business immensely.

Require long passwords 

Passwords need to have certain requirements to be allowed. The best way to make this easier for your employees is to give them examples of what you want. here are a few examples of how someone can make a password strong and still make them rather easy to remember.

6h1fl,j2Oc49=

This would be an example of a password that is extremely secure.

BaSeBaLl_2345+6789

This would be an example of a password that is a little less secure, but easier to remember.

JoeSmith or password

These are examples of terrible passwords that should not be allowed.

I like using something similar to the middle password because I can change the word Baseball with the time of the year. In the Fall I might use Football or Autumn, in the Winter I might use basketball or Thanksgiving. This allows me to change the password frequently but not having to remember an entirely new password. There should also be a time period for how frequently a password must be changed. Every 90 days is a good rule of thumb, but many businesses have different requirements based on the needs of their organizations.

Shred everythingTo prevent a Small Business Data Breach make sure your employees shred everything that could be used in a cyber attack.

In today’s day and age, there is no reason any personal information should ever be disposed of without first being shred. There are outside businesses that can dispose of the shredded material. Some of these businesses will even recycle this paper, which is something you can share with your employees, customers and vendor partners. If any of these groups are environmentally conscious this can be a bonus to them and will add to your credibility as a business.

 

Business Loss of Income Coverage

Business Loss of Income Coverage is an addition to a Commercial General Liability Policy.  It can be added to a Business Owners Policy (BOP) for as little as a few hundred dollars, depending on the size of your business. It covers the loss of income from damage to your building that results in a slow down or suspension in business. For many business owners; this coverage may not seem all that necessary, but when an incident occurs this coverage can many times be the difference between a business reopening or closing for good.

The most basic way a need for this coverage occurs is when a building catches fire. When this happens, the general liability and commercial property policies will cover a businesses expenses to repair the building to its previous condition. These policies will not pay to cover loss of revenue if your business is slow or suspended for an extended time. This can be thousands of dollars depending on how long your business is closed.

As a business owner it is important to realize that a Business Loss of Income Policy only kicks in if the loss is a covered loss. Meaning that if the loss occurs from something like an earthquake or flood; and the business does not have special coverage for that peril, than the business loss of income policy does not kick in. This is important to note in areas that have natural disaster risks. Examples of this are Florida for hurricanes, California for earthquakes, Missouri for tornadoes, everywhere for flood risks. Another risk that is associated with Business Loss of Income is Data Breach. When a data breach occurs it very likely can cause you to be closed for a certain amount of time while the data breach is dealt with. If you have Data breach Coverage in place than this will be a covered peril. If not the Business Loss of Income will not kick in and you are liable for the additional loss of revenue.

When a business owner decides to add this coverage the important thing to consider is how much risk you are willing to take and determine if that risk is worth the amount you save in premium. For most businesses this coverage can be added for a few hundred dollars. If it is added to a business owners package it can be even less. In most cases this cost is well worth the benefit you get when an occurrence does happen. In most instances, when a devastating accident occurs and a business does not have this coverage, the chances of them ever reopening are far less than if they have this coverage.