The Data Breach Risk Debrief

Published on Wed, 06/18/2014 - 18:28
data breach

Last week, P. F. Chang made it onto the top-five list that no organization wants to be on.

The popular “China bistro” seems to be the fifth major retail chain to have suffered a credit card data breach, since thousands of new credit cards just appeared for sale on the carding site Rescator. This is the same payment site that was used to sell credit card data from the Target breach. P. F. Chang is still investigating whether the data is indeed bleeding from its own system, or someone else’s.

Regardless of where the breach originated, this incident brings the number of customers affected by retail data breaches up to a startling one-third of the American population.

Businesses: Be Prepared

If there’s any lesson to be drawn from the last few years of hacker headlines, it’s the importance of being prepared.

Big retailers aren’t immune; that much is painfully clear. Small businesses aren’t immune either. Many hackers adopt a high-volume, small-yield “profit model” for their crime of choice, gleaning easy pickings from victims in bulk. So how can businesses prepare themselves?

First, follow best practices in cyber security. The good news is that many of the basic steps behind a decent security strategy are not hard to implement – like changing the default passwords on your Internet-accessible POS devices. (Unfortunately, the majority of businesses fail to go even that far.)

Basic steps are good; advanced steps, even better. According to the 2014 Data Breach Investigation Report by Verizon, retailers should put particular effort into shoring up malware and boundary defenses. (For a detailed list of recommendations, download the full report.)

Second, build a business insurance backup plan. No business is 100% secure – and that’s a fact. Absolute security doesn’t exist; there’s simply no such thing as a totally bombproof strategy.

While we like to suppose that our efforts will protect us, it’s important to recognize that there is always, unavoidably, some percentage of risk.

For this reason, any time you’re having a conversation about business insurance, make sure to put cyber coverage on the table. Marsh reports that from 2011 to 2012, the number of U.S. clients buying cyber insurance increased by 33%. Furthermore, more than three-quarters (77%) of risk managers in the U.S. plan to have some level of cyber insurance coverage in place in the next 12 months, according to a Munich Re survey

Finally, don’t assume that cyber coverage is already included in your standard business insurance policy. Many policies go out of their way to state, on the contrary, it is not.

Get the facts on cyber coverage. Contact us to adopt a plan to protect your business from the unaffordable fallout of a security breach.