You see it in the news, in your emails, and online constantly – data security is a big concern. Who has the data, how they’re using it, and if it is protected. If you’re a business that deals with customers, you likely store some of their data (e.g., emails, birthdays, credit cards, etc.). Whether you’re a small business with a list of customer emails, or a company with proprietary data and employee records, you have data that needs to be protected.
Depending on the type of data you store – and how much – the steps you take to protect it may be as simple as having encrypted storage of your files. But as you scale up what you store, the steps can include many more layers of security, including multi-factor authentication, user privilege management, high-level monitoring, and cybersecurity consultants. But even with security in place, hackers, human error, third party breaches, and more can lead to incidents. And once an incident occurs, your business’s response is critical. Insurance coverage should be part of that response, and let’s take a look at some of the claim trends that are happening.
Social Engineering
In what is perhaps the evolution of scams that have been around forever, social engineering is the name for the manipulative practices that cybercriminals use to gain access to sensitive information. Phishing (fake company or organization emails or texts requesting secure info) is the most commonly known form of this, but hackers have elevated scams to new levels with coordinated email, text, and even phone scams that seem to validate the information they’re requesting. For smaller businesses, attempts to request money by wire or digital currency are constantly occurring.
Automated Cyberattacks
You’ve probably heard about automation for all sorts of things, so it only makes sense that cyber criminals would try to automate as well. “Crimeware” is the name for this form of automated attack, and it is used in a wide array of illegal activities. Stealing passwords, capturing your keystrokes, redirecting real websites to malicious websites – these are all activities being automated to perpetrate identity theft through social engineering or stealth.
Prolonged Cyberattacks
Hackers are now using methods called heavy “campaigns” to try and test systems and find their vulnerabilities over time. One such method, A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. A DDoS attack uses more than one unique IP address or machines, often from thousands of hosts infected with malware.
Cyber Liability Coverage
In addition to your data security plans, having the right insurance in place can help protect you and your customers. Some businesses may only need an endorsement to their general liability policy to add appropriate cyber coverage, but for many, a standalone cyber policy is needed that provides broader coverage and higher limits. Talk with our agents about the data your business stores and let us help you determine what policy option might be right for your business’s needs. We can help you better understand your risks and options.