 October is Cyber Security Awareness Month — a timely reminder that no business is too small to be targeted by cybercriminals. In fact, small businesses are increasingly vulnerable to data breaches, ransomware attacks, and phishing scams that can lead to devastating financial losses, legal liabilities, and reputational damage.
Did you know?
Cyber Liability Insurance helps protect your business by covering:
Don’t wait until it’s too late. Let’s talk about how Cyber Liability Insurance can safeguard your business and give you peace of mind. Contact us today to learn more or request a quote.
0 Comments
By prioritizing cybersecurity, organizations can mitigate the risk of data breaches, financial losses and reputational damage. Whether you're an individual or an organization, understanding the importance of cybersecurity is fundamental to navigating the threat landscape safely and securely.  The increased connectivity of the digital world means greater security vulnerabilities and cyber risk. Remote and hybrid work arrangements, increasingly sophisticated attackers, creative social engineering, and a rise in the number of passwords people use have all contributed to more cyber attacks. The results can be costly. Organizations that are ill-prepared or lacking in security and risk protocols will find themselves paying a hefty price both in reputation and financial loss.
While it’s nearly impossible to prevent all cyber attacks, your organization can reduce cyber risk by ensuring it’s prepared for the most common types of attacks. The most common types of risk are:
Am I covered my system is hacked? We recommend a cyber liability insurance policy to protect against financial losses resulting from a breach. Cyber insurance covers your cost to notify affected parties, diagnose & repair your system, regulatory fines, & lawsuits from the exposure of protected data. Contact us for more information on cyber insurance today! To learn more about each risk; please check out Dataminr's Don’t Forget About These 9 Common Cyber Risks. For more information on cyber security, click to read the Cybersecurity & Infrastructure Security Agency's Cyber Security information page. Information (c) Cybersecurity & Infrastructure Security Agency and Dataminr.  In an increasingly digital world, we are more cognizant than ever of the need to protect our personal information. We place credit freezes on our cards and encrypt our Apple watches. Business owners that collect PII and PHI (Personally Identifiable and Protected Heath Information) face serious liability risks if they don’t properly secure it. Now, the stakes are even higher as PHI also includes Biometric information such as retina scans, fingerprints, and facial features.
In 2008, Illinois became the first state to enact laws protecting the privacy of biometric data. Other states such as Washington, Texas and Virginia are introducing laws to govern this data, and Federal legislation may follow soon as well. In the meantime, insurance carriers have been silently crafting BIPA exclusions to scale back the broad coverage provided in cyber policies. So where does this leave the business owner in the event of a suit? You guessed it, holding the bag. In 2020, Facebook agreed to a $650 million settlement in a BIPA class action lawsuit (Patel v Facebook, Inc.), one of the largest consumer privacy settlements in US history. In light of this, we want to arm you with the information you need to protect your business and safeguard the private information your business may collect. Check out the articles for important information on this topic: U.S. Biometric Laws & Pending Legislation Tracker The Evolution of Biometric Data Privacy Laws  The cyber liability market has changed drastically over the last decade and so has our dependence on technology. As the world progresses to be even more digital, protecting the privacy of individuals and corporations alike, will likely be a continuously daunting task. Although the average premium for a small business cyber policy is $2,000/year, the average cost of a cyber claim could be 20 times that cost. This discrepancy is causing carriers to recoil or exit the market entirely. So where does that leave insureds who are required to carry the coverage, sometimes in towers of $5m or more? Check out this great article from Big I that delves into some of the most recent attacks and their impact on the market as a whole, as well as how unpredictable these claims may be in the future.
https://www.iamagazine.com/markets/will-cyber-liability-be-an-insurable-risk-in-10-years Written by: Venee Galloway, SBCS, CLCS, CBIA With the COVID-19 epidemic sweeping across the globe, more and more businesses are using technology to carryout tasks. Aside from the increased use of web conferencing platforms and online adherence software, everyone is seeing an uptick in emails. Inboxes are now inundated with messages from vendors, clients and colleagues all sharing COVID-19 related information to help sustain your business during this time. Unfortunately, hackers are taking advantage of the situation. There have been marked increases in the number of cyber attacks on US businesses. According to Evolve, a leading Cyber Liability managing general agent (MGA), over 4000 fraudulent domains containing the words “COVID and/or Corona” have been registered. These domains are, without a doubt, going to be used to execute phishing and ransomware attacks by posing as recognizable businesses and organizations. On March 15, 2020 the US Department of Health and Human Services reported that a distributed denial of service (DDOS) attack had been leveled against their website. In Italy, the same type of attack took down their Social Security website preventing citizens from applying for their €600 relief payments. Now that we are aware of the increased potential for a breach, we want to help you to protect your systems and data from unauthorized capture. Multi Factor Authentication – If you are not using MFA to secure your logins, then there is no time like the present. MFA adds an additional step to ensure that only authorized users are logging into your systems and applications. Many banks and social media sites have already implemented MFA, and we recommend doing the same wherever and whenever possible. Typically, once you have logged into an application with MFA, you will receive a text or email to a separate account with a validation code. That code is then entered into the application to confirm and grant access Phishing – Phishing is a way for hackers to infiltrate a network with fraudulent emails or text messages that appear to come from legitimate users. For example, you may get an email that appears to come from within your organization or from an existing vendor. Always be sure to trust your instincts. If something looks off, then it probably is. Before opening any attachments, always verify the sender by clicking their name to view the full email address. See the example below provided by FTC.gov:  This email looks legitimate at first glance, but, upon closer inspection, you will notice several things are off. Bad grammar and misspellings are often prevalent in Phishing emails or texts. Check to see if your name is missing or a generic greeting is used. Usually if you have an account, your name and account details will be included. In the example above, the scammer used the greeting, “Hi Dear” which should immediately tip off the receiver. Also pay attention to the contact listed, does it contains an email address suffix that is not common (.in, .com.co, etc.) or a phone number that is international? If so, chances are it is designed to be a scam. When in doubt, call and verify if the correspondence is legitimate using a number you have used previously or one located on the legitimate website.
Be Proactive – The best way to prevent a cyber attack is to be proactive. Make sure you change your passwords often and keep your system, antivirus and malware detection software up to date. If you receive a suspicious email, reach out to the sender to verify their identity BEFORE clicking on any links or attachments. Purchase a cyber liability policy and speak to your Agent about other cyber-crime coverages that may help you restore your service faster in the event of a breach. Although some criminals are always looking to capitalize in a crisis current situation, we want you to know there are countless others who want to help. For more information on phishing and how to protect yourself from email scams, please review the link below from the Federal Trade Commission on “How to Recognize and Avoid Phishing Scams”: https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams |
About UsBrock-Norton Insurance Agency was born in 1992 when Jim Norton, Sr. and Everett Brock combined their agencies and talents. We have steadily grown to become one of the premier Property & Casualty agencies in the Washington DC area with clients in almost every state. As an independent insurance agency, our goal is to assist you in all your insurance needs. Categories
All
Archives
September 2024
|
RSS Feed