“Apply your heart to instruction, and your ears to words of knowledge.”
These words translate to advice we all need to heed in today’s Cyber age.
Simply put, we need to keep our eyes and ears open in order to be wise. Wisdom on Cyber Liablity issues for a retail insurance agent is a powerful tool in today’s world. So with your eyes and ears open to the recent Target data breach, what important instruction and words of knowledge did you learn?
As America’s Cyber Insurance Experts, we ourselves are reminded of many things, and today, we will look closely at one of the primary lessons- Short Term vs. Long Term consequences of a breach event.
A data breach is no picnic. The immediate reaction for an Insured is concern- how did it happen, what was exposed, and where do we go from here. Once these questions are asked, the short term consequences begin. These include:
1. Identification. From the onset of the moment an Insured discovers a breach has occurred, identification must begin. How did the breach occur? What data was exposed? How can further exposure be stopped? What can be done to prevent recurrence? An insurance policy with strong breach response services will respond to all of these questions swiftly to help mitigate the scope of damage the event can cause.
2. Reparation. The swift and comprehensive recovery effort of lost or stolen digital assets is essential. Credit monitoring programs and customer support should be in place and able to respond to affected individuals as is necessary. Repairing the inconvenience to the affected party as quickly as possible must be done.
3. Notification. The process of notification is much more complex than a letter campaign to those people compromised. It first requires competent legal professionals to navigate state by state laws requiring notification to ensure that all regulatory requirements have been met. It requires sophisticated forensic experts to determine exactly what records were breached. It involves the proper use of language, the writing of the letter, and the mailing process.
These primary Short Term consequences must be adequately responded to if an Insured wishes to minimize the effect of the potential Long Term consequences which often arise. These three consequences follow.
In order to truly avoid potentially permanent effects of a breach event, minimizing or even eliminating the long term consequences. The loss of business and other economic impacts that can occur have to be responded to capably and quickly. All of these should be simultaneously addressed.
1. Aggravation. The short term inconvenience to an affected party is measured by the extent of the impact to that party. The aggravation to a third party increases by every level of response required, until such time that aggravation can lead to litigation at worst, and certainly to migration of their business to your competitor. Look at these levels of response required:
– Notification letter to a party of a breach of their data;
– Party is also required to replace credit or debit cards
– Credit information is used to create false credit accounts
– Monitoring of credit is necessary
– Identity theft resolution services are needed
– Credit report/score impacted
2. Consternation. Worry, angst, and insecurity dangerously undermine consumer confidence and brand loyalty. Consumers weary quickly, and a breach event will immediately become a stigma needing to be overcome. Strong crisis management and public relations efforts are the only course of action you can take to avoid large customer migration. Getting strong and convicted language from the onset, offering transparency in your responses, and reaffirming commitment to consumer safety and protection are the message components you want to deliver.
3. Public Relations. So how do you get that message out the right way? Well, talk with Target and they will tell you what NOT to do. A well organized and transparent campaign creatively engineered by public relations experts must be secured immediately. Protecting corporate image and product branding will lessen any effect a breach can cause when the right experts are used from the onset of the event.
With Cyber Liability, there are so many complex and intricate working parts that choosing the right Cyber Liability program is paramount. Your very E&O is at risk if you do not. Count on US Pro as your partner to navigate this line of business. Send us a submission today and let us get to work for you.