(Page 3 of 3)
Those protections cover not only reporting, but litigation expenses from setbacks such as identity theft and lost business as a result of the breach. The legal exposure can be more severe if the breach came from within the company, as was the case in 21 percent of events in 2013 reported by executives surveyed by the security company PCW.
When small companies concentrate resources on updating their systems with emerging technology for efficiency, but not always for increased security, it is essential to have the right policy to fill in the gaps of other coverage and protect against a catastrophic breach event. Consider for example, the breach that hit the ironically named retailer Target earlier this year, costing the company millions, and sending profits in the fourth quarter down 46 percent. Professional network LinkedIn, Yahoo! and even dating site eHarmony have also been breached.
Yet despite the clear advantages of cyber-liability protection, nearly two-thirds of public companies aren’t taking advantage of it, according to a survey by Chubb and other sources. It’s not that they don’t believe they’ll be hacked. In fact, 71 percent of companies surveyed said they do have a risk plan to deal with potential threats.
For 57 percent of decision-makers, however, their current plan doesn't include cyber-liability coverage. That means they could potentially be betting their future, or at least millions in assets, on malware analysis and deep-packet inspection. The gamble goes on while hackers and cyberthieves continuously up their game by sharing tools and exploits.
Hopefully, they won’t have to revise that strategy by learning the hard way.
Author David Turkaleski is director of Commercial Insurance at Clements Worldwide, the leading provider of international insurance solutions for individuals and international organizations.