Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions

Why Cyber Liability Is Must-Have Insurance


Why Cyber Liability Is Must-Have InsuranceCompanies to Step Up Cyber Security Measures in 2014

In the 1990s, employment practices came to the forefront and the need to address issues involving hiring, firing, and management of employees in the workplace through company policy and procedures became standard practice. Moreover, as regulations expanded regarding employment practices and lawsuits proliferated, Employment Practices Liability Insurance (EPLI) became a must-have component of a firm’s comprehensive risk management solution. Today, all types of businesses, large and small, carry EPLI.

Cyber Liability insurance is now becoming what EPLI is: a standard insurance solution and an integral facet of mitigating privacy and network security risks for public and private companies, nonprofits, and businesses across all industry segments. What does this mean? Companies are increasingly stepping up their cyber-security risk management strategies and looking to insurance programs to protect their assets in the event of an incident that involves data breaches, theft of trade secrets, and loss of customer information.

In fact, in a report recently released by Kroll, a global leader in risk mitigation and response solutions, it’s predicted that heightened expectations among consumers, advocates and regulators will require organizations to step up cyber measures for 2014. In Kroll’s third annual “Cyber Security Forecast”, seven trends are listed set to change the tide in cyber standards, both social and legal, and will require organizations to take stronger actions and safeguards to protect against reputational, financial, and legal risks.

 

What’s in Store for 2014?

Among the trends identified by Kroll, we should expect to see standard best practices being implemented by all organizations – from conducting an effective risk assessment to implementing sound cyber-security practices and platforms. This is as a result of the government’s directive for the National Institute of Standards and Technology (NIST) to develop a framework for organizations to reduce cyber-security risks. “Whether compulsory or unstated, these standards will drive organizational decision-making with regard to cyber security,” states the Kroll report. “Those companies that don’t may find themselves subject to shareholder lawsuits, actions by regulators, and other legal implications.”

Moreover, corporate board audit committees, as part of their fiduciary responsibility, will be taking a greater interest in cyber-security risks and the organization’s plans for addressing them. This comes on the heels of the increased number of data breaches we’ve seen in the last couple of years and the publicity they’re garnering in headlines. Kroll expects corporate audit committees to begin to focus on the connection between cyber security and an organization’s financial wellbeing. “They will expand their attention beyond the financial audit process to the organization’s strategic plans for protecting non-public information and risk-mitigation plans for responding to a possible breach.”

Another challenge involves the acceleration of cloud and BYOD (Bring Your Own Device) adoption, which will require greater accountability for implementing policies and managing technologies. IT leaders in 2014, according to Kroll, will need to work closely with senior leadership and legal counsel to adapt corporate policies in a way that addresses changing legal risks, while effectively meeting the need of the organization.

Kroll’s report is also supported by another recent study conducted by Booz Allen, a leading provider of management consulting, technology, and engineering services in the public and private sector. According to the Booz Allen study, which focused on the financial services industry, concerns among leadership (risk managers, CIOs, etc.) over cyber-security risk management is acute in today’s “new normal” of persistent threats. “Our conversations with clients have significantly evolved from a focus on threats and capabilities to creating a balanced and holistic cyber program that responds to an institution’s critical business risks, while considering the new realities of a complex and interconnected operating environment,” said Bill Stewart, senior vice president and head of Booz Allen’s commercial finance program.

Part of the holistic cyber approach discussed in the Booz Allen study involves the insurance industry providing coverage to financial institutions that address the potential additional cyber liability risks that come with the NIST framework. “The NIST cyber-security framework moves financial services firms closer to a set of voluntary guidelines that would create a de facto “standard of care,” which would then make private sector enterprises liable in the event of cyber breaches in which personal information or other valuable data is destroyed or taken over by attackers.  While this creates liability risk for banks, it also opens the window for the insurance industry to offer policies that help firms offset this liability,” according to the Booz Allen study.

Make Cyber Liability Coverage Part of Your Firm’s Insurance Program

There is no doubt that today that all organizations must have a cyber-security plan in place that also includes Cyber Liability insurance (also known as Privacy and Network Security). This coverage is designed to respond if a system is hacked and personal or financial data of employees or clients, or proprietary data of business partners, is stolen. It will provide coverage for awards or settlements plus legal defense bills, forensic investigation costs, notification and remediation expenses, and even crisis management and public relations problems. A policy can also be designed to protect a company against the costs generated by an accidental transmission of computer viruses or other malicious code that harms another party.

Axis Insurance Services, LLC specializes in providing management liability insurance solutions and understands the risks faced by companies that involve employment practices, fiduciary responsibilities, directors and officers, and privacy and network security exposures. We offer a full range of insurance solutions – including Cyber Liability – to respond to the diverse exposures organizations face. Furthermore, our experience in key industries allows us to work with our insurers to customize policies to fit a client’s specific needs. Please give us a call at (877) 787-5258 to find out more about our insurance programs.

Sources: Kroll, Booz Allen, NIST

Comments

comments

Blogged on: December 17, 2013 by Mike Smith
Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions