Small businesses rely on their reputations to attract and keep customers. Once a reputation is marred, it is extremely difficult to regain the trust and goodwill developed through years of first class service to the community. It is vital for any business to diligently protect its reputation.
Unfortunately, businesses today must be aware of the abundance and variety of internal and external threats that, without proper attention and follow-up, can harm or ruin a thriving business.Owners of small businesses must employ a range of sound business practices to protect their operations, including, but not limited to,
inspirational leadership, responsible budgetary controls, a focus on diversity and equality, community involvement and investment in risk management planning. One of the major threats you, as a small business owner, must be aware of in the current environment is the exploding growth of cyber attacks. Even though your business diligently protects the data of customers, the reality of a breach in your system should be considered and prepared for. General liability policies specifically exclude losses incurred through use of the Internet. The good news is that a good cyber liability policy can pick up where your general liability policy leaves off.
Recent news of data breeches by major corporations should wake us all up to the problem. Target and Neiman Marcus are two examples of companies whose reputations were damaged due to cyber attacks. They were able to mitigate the damage and should be able to recover from the challenges caused by their respective breach. But a small business could potentially lose it all without proper planning and expert assistance.
Potential costs of a data breach
- Cyber-crime attorney: $700 per hour
- Investigation and Computer Forensics expert: $300 to $700 an hour
- Third party victim notification (mail a notice letter): $14 an hour per customer
- Credit monitoring for customers: $10-$12 a year per person
- Qualified public relations firm: $10,000 per month or $400 an hour.
Mark Greisinger, President of NetDiligence, a leading cybersecurity assurance company.
The costs associated with a cyber attack could be extensive. For example, if it is estimated that it costs a small business $200 per identity stolen through a data breach, then a men’s clothing store that closes five sales per day would end up paying $365,000 for the data breach of a year’s worth of customers. An MRI clinic that performs ten scans a day, five days per week for one year, would result in a $520,000 liability in order to notify all patients.Many policies pay for the cost of notifying customers of a breach and the expense of hiring a public relations firm to repair any damage done as a result of a cyber attack. In the event it may be necessary to hire a crisis management firm to ensure that these notifications are handled and documented in accordance with state-specific requirements, the right policy will help with those expenses. In addition, a good policy can cover any regulatory fines or penalties you might incur because of a data breach, while other policies pay for business interruption, which can prevent a crippling effect until you are able to resume normal cash flow.
The bottom line is that everyone is fair game for a cyber attack. Publilius Syrus, a 1st century BC writer said, “A good reputation is more valuable than money.” So protect your small business’ reputation by preparing now for the eventuality of a cyber attack, making an aggressive plan, and putting the plan in place.
Tips on How to Manage Your Cyber Liability Risk:
- Develop and implement an appropriate cyber security policy
- Install a formal process to update software, firewalls and anti-virus programs
- Safeguard mobile devices that hold sensitive personal data with encryption codes
- Safeguard personal information within the workplace, segregating pay information and personal details on a separate part of the network and restrict access to staff on a privilege basis
- Implement regular staff training on security procedures
- Establish a crisis management plan that can be executed as soon as you detect a potential security breach
- Before outsourcing any business functions, such as payroll, web hosting, or data processing, investigate the company’s security practices.
- Put into service a cyber liability insurance policy to cover this type of liability
Seven key elements of a Cyber Liability Policy
Forensic Expenses: You have determined that data has been compromised and need to investigate what happened, how it happened, and what information was accessed. The expenses to hire an outside forensic team for discovery will be covered.
Legal Expenses: You will need legal representation in order to determine the scope of the federal and state notification requirements for data breaches. You will also need legal counsel to defend you in the event a suit is filed against you.
Notification Expenses: These expenses can include postage, paper, printing, call centers, etc.
Regulatory Fines and Penalties: What more can I say? The government will want, and get, their pound of flesh.
Credit Monitoring and ID Theft Repair: While not legally required, it is generally agreed that offering these services to the affected parties will reduce potential legal liability and is considered the right thing to do.
Public Relations Expenses: The manner in which the breach is reported to the media is crucial to
restoring your reputation and maintaining your clients, vendors, business associates, partners, and patients.
Liability and Defense Costs: It’s not uncommon for class action lawsuits to be filed against you
following a breach. You will need legal representation which can be of your own choice or appointed by the carrier. Either way, coverage is available for these costs.
Most policies will include some coverage for all of these components. The limits, deductibles, coverage triggers, and scope of coverage can vary greatly from one carrier to the next.
NCW has been managing clients' risk since 1926. NCW Insurance has evolved into one of the premier independent insurance agencies in Texas with a staff of over 30 professionals in 4 offices. We constantly review the ever-changing insurance landscape, looking for the most cost-effective solutions for our clients.To learn more about NCW visit us online at www.neely.com. Kimberly Dryden can be reached at our Amarillo office
by calling 806.376.6301 or by email at firstname.lastname@example.org.
Posted on March 4, 2014
by Team NCW filed under