More than half of brokerages have been targeted by cyber criminals

More than half of brokerages have been targeted by cyber criminals | Insurance Business

More than half of brokerages have been targeted by cyber criminals
Independent agents working with brokerages and financial advisory firms have a new reason to continue pushing cyber liability insurance—and even to consider a policy for themselves.

According to a new report from the Securities and Exchange Commission, more than half of US brokerage firms have been targeted by email scams attempting to trick them into wiring away client money. Of those who fell for the scam, 26% reported losses of more than $5,000.

Moreover, 88% of broker-dealers and 74% of RIAs the SEC surveyed reported some form of a cyberattack in recent years.

“Cybersecurity threats know no boundaries,” said SEC Chair Mary Jo White. “That’s why assessing the readiness of market participantsand providing investors with information on how to better protect online investment accounts from cyber threats has been and will continue to be an important focus of the SEC.”

The numbers represent a tremendous call to action for commercial insurance agents and advisors. According to the SE report, just 58% of broker-dealers and 21% of RIAs are insured against data breaches.

The problem may lie in misconceptions of cyber insurance. Despite the highly publicized data breaches of Target and Sony, a full 39% of private companies mistakenly believe that coverages like CGL, professional and media liability cover cyber attacks, according to a Chubb Corp. report.

“This is certainly not the case, as a CGL policy has many gaps as it relates to cyber risk and was not written to cover cyber events,” said Christine Marciano, president of Cyber Data-Risk Managers in New York. “Several breaches within recent years have been battled out in court with insurers versus CGL policyholders.”

Marciano also noted that there are “new endorsements on the way this year” to CGL policies that will exclude such incidents, making cyber liability a more obvious need for private companies.