errors and omissions insurance Why Educational Institutions Are Buying Cyber Liability Insurance | Axis Error & Omission
Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions

Why Educational Institutions Are Buying Cyber Liability Insurance


Why Educational Institutions Are Buying Cyber Liability InsuranceAccording to insurance industry statistics, there has been a 58% surge from 2013 to 2014 in the number of colleges buying Cyber Liability insurance, also known as Privacy & Network Security coverage. There are several reasons for the upsurge including the escalation of breaches occurring at nationally recognized corporations and several high-profile breaches at universities that have served as wake-up call for educational institutions. “Cyber is definitely one of the biggest risks a university has,” said Michael Liebowitz, director of insurance and risk management at New York University. “It is a huge deal…”

In 2014, you had the University of Maryland (U-Md) hit with a sophisticated cyber attack that compromised 300,000-plus records of faculty, staff and students. The cyber criminal was able to hack into the school’s database and duplicate the information, which included names, Social Security numbers, dates of birth and university identification numbers for people affiliated with the school on its College Park and Shady Grove campuses.

At the Indiana University in early 2014, there was also a breach that affected 146,000 students and recent graduates. Among those affected were people who attended the university from 2011 to 2014 at seven of its campuses, according to the school. A week after the Indiana University breach, the North Dakota University system had reported that a server containing the information of 291,465 former, current, and aspiring students and 784 employees had been hacked.

When these cyber attacks came to light, discussion regarding the serious exposures schools face became a serious subject and spurred many into action. It became increasingly more apparent that the open culture among universities that tends to encourage information flow is a main reason schools remain vulnerable to hackers. As we cited in our article last March on the heels of the U-Md breach, a study conducted by Halock Security Labs in 2013 reported that of 162 institutions investigated, including Big Ten, Ivy League, community colleges and technical institutes, more than 50% allow for the transmission of sensitive information over unencrypted, unprotected email, putting private student and parent data at greater risk.

Moreover, a Rand report last year cited that criminals typically go after personal information, rather than that of credit cards (like at retailers and financial institutions) at schools. The reason they can get at this information is “not so much a case of them being targeted, [but] more of a case of they happen to be insecure or less secure,” said Lillian Ablon, a researcher at RAND.

Increasing Cyber Security, Securing Insurance

As result, schools are looking to beef up their cyber security measures. For example, the University of Minnesota has formed several new policies regarding cyber, including requiring computers connected to the University network to have virus and malware protection software. Also, University community members can store the institution’s private data only on school networks unless they get prior approval to store it elsewhere. The school also contracted an external review of its information security program to obtain recommendations on how to improve and plans on making these findings known to its board in May. In late 2013, Harvard University formed a new position and hired a chief information security officer tasked with making sure the university’s networks are secure. The school underwent an extensive analysis of its complex cyber networks in 2014.

In addition to beefing up their cyber security measures, schools are increasingly turning to Cyber Liability to protect their assets. Many are interested in Cyber coverage for crisis management. They want access to the expertise on how to get from Point A to B when a breach occurs and the coverage to pay for this expertise. They also want the coverage provided by Cyber Liability policies to pay for the costs of forensics, regulatory costs, notifications, public relations, extortion, business interruption, credit monitoring and remediation.

Axis Insurance Services specializes in writing Cyber insurance for educational institutions, including providing manuscripted amendments to offer broad coverage. Give us a call at (877) 787-5258 to learn more about how we can provide you with a policy suited for your college or university.

 

Sources: Advisen, Minnesota Daily, Schools Look to Beef Up Cyber Security Coupled with Insurance Purchase

Comments

comments

Blogged on: March 16, 2015 by Mike Smith
Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions