Can You Survive a Hack Attack?

Can You Survive a Hack Attack?

cyber attack 0

Cyber coverage critical for companies of all sizes.

High-profile hacks may have faded from the front pages, but the risk continues to grow. More than 60% of all attacks happen to small and mid-size businesses, according to IBM. More than half go out of business within six months of the attack.

What’s even more frightening? While the FBI says more than 4,000 ransomware attacks happen every day, it takes most businesses 197 days to detect a breach on their network. We all have to wonder what surprises are lurking in our systems!

The Miller Group recently asked our colleague Jonathan Sherman from Evolve MGA to talk with clients about this subject and help them understand the coverage available.

Intangible assets at risk
Most insurance focuses on tangible assets. Yet, many of us are sitting on intangible assets whose value isn’t readily apparent. Their loss, however, is calculable. For example, compromised health records can be worth $500 to $50,000 each. Any organization that collects personal information – even credit card numbers – is vulnerable.

Ransomware and wire fraud are top two hacks
Ransomware attacks continue to grow, increasing 55% to 60% over the last year. Believe it or not, Jonathan told us that Evolve itself experienced one of these attacks last year. While the firm did not repay the ransom, it did pay $25,000 to investigate and close the breach.

The size of the company does not always relate to the size of the attack or its cost. For example:

  • A $25 million catering company recently had $700,000 in business interruption costs due to a hack.
  • A heavy equipment sales and body shop with $57 million in revenues experienced a “full-limit loss” of $1 million when an employee clicked on a link that brought malware into its email server, destroying all the company’s data.
  • And an architecture firm with $3 million in revenue paid $250,000 to have its data rebuilt after an attack destroyed its in-house-created system.

Wire fraud is the second most common hack. Evolve recently paid a $935,000 claim for a single wire-transfer fraud incident. A hacker posing as a general contractor asked the project manager to transfer money. Although the payment processing company had a protocol in place that would have caught the error, someone there did not follow it. More than 8% of the firm’s revenue went right out the door. The good news? The company only had to pay its $5,000 deductible to restore the loss.

Even individuals are at risk – especially in the home-buying process, where diversions of home- payoff wire transfers are often easy to pull off. Jonathan described an incident where a homebuyer lost $332,000 when a hacker put a code on his email to move incoming emails to the deleted folder, causing him to miss important emails from the mortgage broker. The homebuyer inadvertently sent the money meant for the broker directly to the hacker’s bank account!

Costs go deeper than you might imagine
Among the expenses you can anticipate when your data is breached:

  • Incident response
  • Legal and regulatory ($400 per hour)
  • IT security and forensics ($500 per hour)
  • Crisis communications ($400 per hour)
  • Privacy breach management
  • Third-party privacy breach management
  • Post-breach remediation

Each of these is covered at $1 million per claim by Evolve’s standard policy. The policy also covers system damage and rectification costs, system business interruption, consequential reputational harm and loss adjustment costs. And it includes coverage for the criminal aspects of potential hacks, such as funds transfer fraud, theft of personal funds, extortion, telephone hacking and fraudulent communication.

In addition, policyholders have access to several free services to help them assess their current vulnerabilities, test and train employees on avoiding phishing threats, build an incident response plan and put risk monitoring in place.

10 Reasons to Consider Cyber Coverage

  1. Cyber-crime is the fastest growing crime in the world, but most attacks are not covered by standard property or crime insurance policies.
  2. Systems are critical to operating your day-to-day business but their downtime is not covered by standard business interruption insurance.
  3. Data is one of your most important assets, yet it is not covered by standard property insurance policies.
  4. Third party data is valuable and you can be held liable if you lose it.
  5. Retailers face severe penalties if they lose credit card data.
  6. Complying with breach notification laws costs time and money.
  7. Your reputation is your number-one asset, so why not insure it?
  8. Social media usage is at an all-time high and claims are on the rise.
  9. Portable devices increase the risk of a loss or theft.
  10. It’s not just big businesses being targeted by hackers, but lots of small ones too.

Jonathan says premiums for cyber coverage are relatively low now, but he expects them to “mature” over the next five years. So, now might be a good time to get in. Your Miller Group consultant can help you investigate your options.

By Chris Miller, Commercial Risk Advisor, Commercial Insurance

See Also:
Drone Insurance Doesn’t Have to Be Sky High

Ransomware: Are You Protected?

Ben Franklin Advice Holds True for Cybersecurity

The Four Do’s of Safeguarding Protected Health Information

 

Leave a Reply

Your email address will not be published. Required fields are marked *