When you hear the term “cyber”, the natural inclination is to immediately think of your IT equipment, people, process, programs and anything else related to Information Technology and your business. Nonprofits and large public companies all share this same attitude, as today’s business person looks at IT as a part of their business, but it is not their business. So the term “Cyber” when used in context with a sound insurance approach, many businessowners, directors and officers, and executive personnel look to the IT department, staff or outsourced vendor as the “expert” in advisement on Cyber Insurance issues. Yet, in truth and in theory, the IT department is the least important person in the purchasing process, as their role is in answering application questions only as it relates to internal controls. So what does this mean?
Internal Controls
Internal controls are the mechanisms used by an entity to mitigate potential exposure of its network integrity, and in conjunction, access to its records. Since Cyber Insurance deals primarily in the legal liability of an entity to protect a third party’s personal confidential information in its possession, the key to reducing its potential for loss is strong internal controls. These include encryption of any portable device, using password protected protocol for access to all databases, spreadsheets and other confidential documents, having adequate and up to date anti-virus software. remote authentication and encryption, and many other components of a sound security policy.
Records
As noted above, internal controls are in place to protect access to an entity’s records. Records consists of personal confidential information, which comes in two different types for which your client is legally responsible to protect from theft or compromise: personally identifiable information, and protected health information. These vital sources of information are the constant target of identity thieves. But even more, these are under constant threat of compromise by your own employees, vendors, and other third parties who have access to the information, such as cleaning crews. Rogue employees, criminal employees, and deceitful vendors all increase the exposure to risk of a loss. Most importantly, the most misunderstood component of Cyber Insurance is that the loss is somehow computer related. Records come in two forms- written or electronic. Exposure of written records, improperly discarding of written records without shredding, open access to written records stored in file cabinets. All of these are exposures to a Cyber Insurance loss.
Moral of the Story
Your IT department is a very important part of your business process. Having strong internal controls and efficient automated processes that ensure productivity, profitability, and security combine to improve your business results, whatever kind of operation you may be. However, despite all of their best efforts, they cannot prevent you from having a Cyber Insurance loss, they can only mitigate the exposure to the risk of having one electronically. Additional exposures such as Business Interruption, and Notfication Costs Coverage, can be very costly should they occur. The average loss from a Cyber event is $188,000 should it happen. There is too much cost associated to some potential losses, which ultimately is impossible to totally prevent, that the premium costs for the coverage far outweight the potential loss expenses of an uncovered claim.
US Pro is YOUR source for Cyber and a LOT MORE!
We are America’s Cyber Insurance experts. We represent the very best carriers for this coverage, we offer free webinars on Cyber Basics 101, and we have our own unique Cyber website at www.cyberinsurancesource.com which gives you tremendous access to everything you could ever want to know relating to Cyber. But this is not all that we do. Before we were Cyber experts, we first were one of the country’s most well-known D&O brokers, and our President is one of the father’s of EPLI insurance. We specialize in these lines, and every Professional Liability line of business, as well as Technology and Environmental. Find out more about US Pro Insurance at www.usproins.com today!
Send us a Submission Today!
For an unbelievably quick turnaround on most submissions, simply send us your new business to ksneed@usproins.com for IMMEDIATE attention. At US Pro, your sale is our success.
USPro
