Cyber security has become a growing concern for U.S. companies over the past couple of years, and for good reason. Information breaches have not only become increasingly common, but also much larger. Nothing illustrates the state of modern web security quite as well as the most recent breach, which saw hackers target the IRS by exploiting faulty security to compromise over 100,000 taxpayer records.
Are You At Risk?
If you work with customer information of any kind, then the answer is likely yes. The term to look out for here is Personally Identifiable Information, or PII. It's not a technical term, but rather a legal term that carries some teeth if you have to deal with it.
At its root, PII is any piece of collected information that could potentially allow a third party to identify a business's individual clients. Given how good the Internet is at leveraging even tiny hints to track down a person, that definition is awfully broad. Full names, email addresses, site nicknames, and (sometimes) even web cookies can all qualify as PII.
What Your Cyber Policy Needs
You'll need to look for a few things in any cyber insurance policy. As you may expect, a good policy should cover the financial damages directly caused by a breach. However, cyber attacks can cause financial damage in a wide variety of ways. In particular, make sure that your company is protected against:
- Losses caused by lost time and productivity. A major hack can cause company gears to grind to a halt. Find an insurance company that guarantees coverage for the revenue lost during this period.
- Indemnification caused by a third party. Few modern companies handle their data on their own. Outsourced IT support or other companies can fall victim to a breach that affects your customers.
- Loss of Reputation. Breached companies, even those that have done their due diligence, almost always take a PR hit in the wake of an attack. A good policy offers some cushioning against the customer losses that generally ensue.
- Indemnification caused by a third party. Few modern companies handle their data on their own. Outsourced IT support or other companies can fall victim to a breach that affects your customers.
- Loss of Reputation. Breached companies, even those that have done their due diligence, almost always take a PR hit in the wake of an attack. A good policy offers some cushioning against the customer losses that generally ensue.