High-tech stores are at a higher risk of cyberattacks—and the liability that comes with them

Collecting customers' data leaves business prone to security breaches and the high cost of fixing them. Burns & Wilcox offers protection for today's risks with Cyber & Privacy Liability Insurance

High-tech stores are at a higher risk of cyberattacks—and the liability that comes with them

Amazon has been using software applications to follow and understand its customers for a decade. It has been using its virtual assistant, Alexa, to listen to its customers for the past two years. And now, through its AmazonGo stores, it will use a network of sensors and cameras to watch its customers.

Last week, Bloomberg reported Amazon is considering a plan to open as many as 3,000 new AmazonGo stores in the next few years. Cashiers are absent from these convenience stores; customers use a smartphone app to enter the store, and cameras and sensors track what they take and tally their purchases. The first AmazonGo store opened in Seattle in 2016. Analysts say the expansion could generate between $3 billion and $6 billion in revenue for the retail tech giant; just as importantly, it could give Amazon access to unprecedented customer data.

Yet that data collection has a catch for businesses.

The more “high-tech” and connected a business is, the greater the focus needed for securing the technology and all data that flows through it, according to David Derigiotis, Certified Information Privacy Professional (CIPP), Corporate Vice President and National Professional Liability Practice Leader, Burns & Wilcox.

Make sure your business is protected in the event of an attack

Gartner, a consulting firm, estimated that 8.4 billion devices were connected in 2017 and more than 20 billion will be by 2020. As of March, there were approximately 4.7 million developers in the world creating these types of connected devices to help consumers in their homes and with their health. Earlier this month Amazon unveiled new Alexa technology to control microwaves, TVs and car infotainment systems. Apple’s newest Apple Watch is being marketed by the company as a medical device, with the ability to offer an ECG to wearers at any time.

With the increased use of connected devices, comes a greater need for coverage.

Cyber & Privacy Liability Insurance covers the costs associated with managing a cyber-security incident including unauthorized access to sensors, cameras or any connected device. It pays for forensic investigations, legal costs and regulatory fines, business interruption, social engineering and phishing attacks, the creation and mailing of a notification letter to customers, as well as credit monitoring or other services offered to customers.

“Many policies offer pre-breach services to help with incident prevention and preparation,” Derigiotis said.

A Commercial General Liability (CGL) policy may cover bits and pieces of a cyber-security incident, but Derigiotis said the needed limits and scope of coverage pale in comparison to a standalone Cyber & Privacy policy. It is not the true intent of a CGL policy to address cyber and privacy risks.

A standalone cyber liability policy providing a $1 million limit can cost less than $1,000 a year for many small businesses. Policies can scale into the tens of millions of dollars of coverage to meet the needs of larger businesses that have higher risk profiles, such as retailers, healthcare companies or educational institutions…

 

Keep up with the latest news and events

Join our mailing list, it’s free!