Page 1 of 2
I know you believe that your auto liability, general liability, property, crime, employment practices liability, umbrella liability, and all the other types of insurance policies should cover you in many circumstances, but there is a new enemy out there. And it has the insurance carriers scrambling to provide adequate coverage for its customer base.
That new exposure is cyber liability, and it can be crippling if not addressed.
“Cyberspace is the next … liability exposure…with high profile cyber attacks and an arsenal of schemes to gain personal information.”
— National Underwriter, June 16, 2011
“The recent string of sensational hacker attacks is driving companies to seek ‘cyber insurance’ worth hundreds of millions of dollars.”
— Reuters, June 15, 2011
It’s your burden
Consumers bear the burden as they are less protected and thus more liable. Courts are siding with vendors and not their customers when it comes to the misuse of data. In speaking directly to the public transportation industry, the transportation company bears the burden, not the bank vendor who they process their credit card transactions with.
Please consider the following:
- The average cost for a breach of your customers’ personal information is estimated at more than $200 per record considering notification, monitoring costs and the value of lost customers.
- Most states have specific privacy laws. California has some of the most stringent laws in the country. You have a duty to notify your customers of a data breach, offer credit monitoring, pay for credit repair expenses, and face penalties and fines.
- Carriers have addressed this as the most dangerous liability exposure to come forth within the past 10 years.
- First party coverage considerations include loss of digital assets, non-physical business interruption and extra expense, cyber extortion, cyber terrorism, and security event costs.
- Third party coverage considerations include liabilities for network security, privacy, employee privacy, and electronic media.
- How a malicious code, a hacker attack, introduction of a virus, etc. could all compromise your network and trigger exposures such as release of customer information, media publishing liability, a shutdown of your system resulting in data re-construction, and business interruption.
- A cyber liability policy may offer relief from these exposures. The smart business owner understands that cyber risk is growing rapidly and will make the proactive changes to educate customers and provide protection from this latest business liability exposure.
What you may not know
Cyber crime is evident in the transportation business as almost all companies have a website, transact business via the Internet, and use credit cards. Did you know. . .
- Most artwork on websites are protected by copyright as are the informational and structural components of the websites. Lawsuits are filed every day for infringement, both copyright and substance.
- Criminals are capable of ‘scanning’ customers’ credit card information and charging these customers and you. A recent criminal activity in a transportation company happened when a clever employee mimicked the charges with his own credit card machine, and used a name similar to his employer’s. Customers did not notice these ‘mirror image’ transactions and the transportation company issued refunds on supposed duplicate transactions until they noticed the names were not identical.
- ‘Mirror’ websites are also set up which operate and mimic the host site and duplicate transactions as well to a similar account. This is normally an ‘inside’ job and is difficult to identify until it is too late.
- The cost of legal defense, the loss of revenue while handling these ‘downtime’ issues, the loss of clients due to an inability to provide clearly defined coverage, and continued potential for recurring claims make cyber insurance a no-brainer.
Take action now
The protection of privacy data is imperative, not only from a liability standpoint but also from a reputation one as well:
- Micro-cut shredders should be used when destroying paper documents as conventional shredders are easily re-constructed by thieves. Hard drives should be totally destroyed.
- Deleting information does not destroy it.
- Only collect information which is needed.
- Establish daily processes to reduce the opportunity for access to information from clients by employees.
- Purchase cyber liability as an endorsement to your current policy or as a separate policy.
Do it today as the criminals are working. If your agent has not discussed this with you, then find a new agent.