What Every E-Business Needs to Know About Data Breaches

In the past, crime was pretty straightforward. Today’s thieves don’t need horses or getaway cars, because their crimes often take place online. And it’s not just cash that they’re after. The loot sought by cyber criminals is often Personally Identifiable Information (PII) or sensitive data, including…

  • Passwords.
  • Credit card numbers.
  • Medical records.
  • Social Security numbers.

As a result of rising cybercrime, having online business insurance or ecommerce insurance policies, such as Cyber Liability Insurance, is one way a business can protect itself.

How Your IT Business is Vulnerable to Cyber Attacks

Now that businesses are more likely to be attacked by a criminal online, an internet insurance solution like Cyber Liability could be the most valuable policy in your IT business insurance arsenal.

Cyber Liability Insurance can cover losses for cyber incidents, including…

  • Data breaches.
  • Business interruption.
  • Network damage.

Bob Zeglarski (@BizLawyer), founder of Cutwater Law, PLLC (@CutwaterLaw) says most Cyber Liability policies cover “data destruction, or if your data is stolen, if you’re being hacked, if there is extortion involved; denial of service attacks; and crisis management activity that you have to implement in connection with the privacy breach.”

As a small IT business, you never know when…

  • A bored 15-year-old hacker might destroy your website or servers just for fun.
  • That new intern you hired could unwittingly open an email containing malware, resulting in ransomware getting installed on your network.
  • You could be targeted by a rival IT business intent on accessing your files and poaching your client list.

These types of issues are known as first-party data breaches, meaning your business is the one affected by the breach. If your systems are hacked or you experience a data breach, a first-party Cyber Liability Insurance policy can help pay for the cost of:

  • Security incident investigation.
  • Customer notification.
  • Anti-fraud protection for customers.
  • Crisis management.

“The reason Cyber Liability Insurance policies are being recommended so frequently is that they are meant to address the first-party costs, including the investigation and the cost of forensics,” says Brian Dusek (@brianjdusek), partner at McCullough, Campbell & Lane LLP. “Those costs can be very significant since it’s very detail-oriented work.”

While it’s important to protect your business with a first-party Cyber Liability policy, most IT businesses are far more likely to be impacted by a third-party breach involving a client’s data being hacked.

When a Customer Gets Hacked, Third-Party Cyber Liability Insurance Can Help

Any time you are charged with protecting customer data, you are vulnerable to a third-party cyber lawsuit.  Dusek says three industries are most frequently targeted by thieves:

  • Finance.
  • Healthcare.
  • Retail.

“IT companies need to look at who they are servicing, where there clients are practicing, and what risk their clients are facing there,” Dusek says.

Say your IT business was hired by an accounting firm to create a portal for its system, and because of an error when you created the portal, a data breach occurs.

“So let’s say this firm has 1,000 clients in 50 states, and all of a sudden the information of 1,000 people in 50 states is breached,” says Nace Naumoski (@nacenaumoski), partner at Stewart Bernstiel Rebar & Smith. “A data breach like that, it could cost hundreds of thousands of dollars to mitigate and would most likely put any small IT company out of business.”

If your business is sued by a client for a data breach, third-party Cyber Liability Insurance can help pay for:

  • Attorney fees.
  • Settlement costs or damages.
  • Other court expenses.

Third-party Cyber Liability coverage may already be included in your Professional Liability Insurance, but because each policy is different, it’s always a good idea to talk to your insurance agent to double check.

Why Data Breaches are Public Enemy #1 for Retail Businesses

Retail businesses are a prime target for cyber thieves due to the high volume of customer credit card information they collect and store. While data breaches like the ones suffered by Target and The Home Depot are the ones we see reported the most, the majority of data breaches actually impact small businesses.

Naumoski says data breaches at retail giants give smaller companies a false sense of security. “In fact, the vast majority of our clients in the data breach space are mid-size to small companies,” he says.

If you have customers that operate brick-and-mortar stores, or even an online shop, you could be on the hook if you work on anything having to do with storing and protecting customer information, including…

  • Names.
  • Addresses.
  • Email addresses.
  • Phone numbers.
  • Credit card numbers.

To find out how much Cyber Liability coverage your business might need, read “How Much Cyber Liability Insurance Is Enough?