Data Breaches Affect Large and Small Businesses
A couple of years ago, the Ponemon Institute conducted a survey to determine what the actual cost of a lost company laptop might be. The result was staggering — $49,000.
Posted in Data Breach Insurance on Friday, October 16, 2015
If you are surprised by the amount, consider that you will not just have to replace the laptop. There is the cost of looking for it, replacing it as well as replacing the data that was on it. In addition, unless the laptop is brand new and contains no private information such as passwords or customer information, the laptop is a treasure chest of information. At best, you’ll have to increase your security to prevent a potential breach, and at worse, you’ll have a data/privacy breach to deal with.
The cost can vary, but the reality is that it will be expensive.
For more than a decade, a small number of insurance companies have offered data breach insurance. The idea was to have a policy that would cover costs due to a data breach or privacy crisis that might include but not limited to the cost of notifying your patients of the breach, credit monitoring for your customers, the investigation, legal costs, etc.
The conversation about data breach insurance has picked up steam in the past year for two important reasons:
- more companies have reported a breach
- different types of companies are being impacted
In 2014, there were at least 26 high profile breaches at retailers and financial institutions. This does not account for the thousands of businesses that were impacted by a series of malware attacks designed to create access to networks. Many estimates show the costs associated with data breaches have doubled each year since 2012 as the attacks become more sophisticated.*
Perhaps more alarming are the types of companies that are affected.
Where hackers were once looking for financial data, they are now looking for any type of data that can be used for financial gain. In 2015, there was a breach at an insurance company where more than 80 million records of past and present customers and employees were hacked. The information included names, Social Security numbers, birthdays and addresses, but did not appear to include credit card numbers or medical information. This is likely similar to the information that a D.C. maintains.
If you don’t think you are at risk, consider that hackers target small businesses because they know they don’t have the sophisticated systems in place to stop breaches. And, forget sophisticated, many small businesses don’t even take the Simple Steps of Protection
This is not a fear tactic, but a wake up call to make sure you are protected if a breach were to occur at your practice.
In 47 of 50 states, there are laws that make it mandatory for businesses to report a breach. So, it is more than likely you will have costs associated with the notification. But what about the costs associated with repairing your reputation? If your network is breached, it will become expensive quickly.
So where do you start?
Contact your agent at NCMIC Insurance Services and ask what, if anything, your business owners’ policy covers. Then ask about data breach insurance and your cyber security needs and how to make sure you are ready if a breach were to occur.
* 2015 Data Breach Investigation Report conducted by Verizon