Today nearly every company relies on a computer network connected to the Internet or a website for their operations, including e-mail for communications. Any company that stores private customer data on their severs as well as has files with personal information regarding employees is running the risk that they will be hacked or infiltrated by cyber criminals.
As technology continues to play a bigger role in business, companies are becoming more exposed to emerging cyber risk. As a result, businesses are spending more time reviewing their data security standards and validating risk management practices. Many customers, because of all the recent news stories involving security breaches at large retail chains and major banking institutions are now requiring proof of insurance that will address many of these privacy breach events.
Many federal and state regulatory agencies getting involved
Both federal and state agencies, in many cases, have put increasing responsibility for privacy and network security breaches on businesses. Any corporation that has received a letter notifying them of a security breach from an entity that they do business with has probably been impacted by these regulations.
For several years now the Internet has been a highly resourceful delivery channel for information, billing, referrals, and research by automating traditional workflows that have improved the operational efficiency of many business models, but unfortunately has also brought new responsibilities and additional, heretofore unprecedented risks. The accessibility that the Internet affords us, despite all of the pluses, increases vulnerability to the theft, alteration or disclosure of personally identifiable information which can affect an organizations earnings, reputation and operations. The sad part is that these infiltrations often come at the hands of trusted employees or even vendors that the company regularly does business with.
Most companies carry a general liability policy, which provides protection against suits from third parties alleging bodily injury or property damage. For example, when a company sells a product (or even the packaging it comes in) that causes an injury to a customer. But traditional insurance policies do not provide sufficient coverage with regards to network liability, failure to protect, or wrongful disclosure of personally identifiable information.
Our growing dependence upon the Internet has given rise to loss potentials that can run into the millions and it is all related to privacy, intellectual property, network security and digital content disputes. Therefore, specific Cyber Liability policies should be considered as part of a comprehensive cyber risk management program.