The cyber-attacks against Target stores may be just the first in a series of oncoming data breaches, and brokers who aren’t already stressing the importance of cyber insurance may want to start doing so soon.
According to Carnegie Mellon security researcher Nicolas Christin, nearly two dozen companies have experienced data hacks similar to the Target breach this year and many more will suffer a similar fate in the coming months.
“You’re going to see more and more people trying this,” Christin told reporters. “If you just saw your neighbour win the lottery, even if you weren’t interested in the lottery before, you may go out and buy a ticket.”
Greg Markell, an account executive at Jones Brown in Toronto, points to a 2012 Norton study that found 46 per cent of Canadian adults were victims of cybercrime, resulting in a total net cost of $1.4 billion.
“Even more frightening still: the numbers for 2013 have doubled, and that cost is now estimated at $3 billion,” says Markell, who is featured in the upcoming issue of
Insurance Business magazine, on the topic of how to open a conversation with clients on cybercrime.
“With 90 per cent of the workforce working in organizations with fewer than 500 employees in 2012, and 31 per cent of all cyber attacks targeting businesses with less than 250 people,” says Markell, ”small business owners should have the same sense of concern as the Fortune 500’s who have full scale Enterprise Risk Management policies.” (continued.)
#pb#
Christin points to the recent conviction of Alexsandr Andreevich Panin, who designed SpyEye malware, as an example of hacker demand for malicious software and potential for an increase in future events. Panin reportedly sold SpyEye for as little as $1,000 through online forums and an estimated 150 hackers took advantage of the deal.
Nearly 40 per cent of private businesses feel they are adequately insured against cyber liability without a separate policy. According to the results of a recent
Chubb survey, a large majority of employers feel their CGL policy will pay out for damages suffered in a cyber breach.
“This is certainly not the case, as a CGL policy has many gaps as it relates to cyber risk and was not written to cover cyber events,” said Christine Marciano, president of Cyber Data-Risk Managers—an independent agency focused solely on providing clients with top-notch cyber insurance. “Several breaches within recent years have been battled out in court with insurers versus CGL policyholders.”
Marciano believes sectors like healthcare and energy are particularly at risk of cyber-attacks in the coming months, and producers should be especially focused on addressing clients in these areas.
“The attacks aren’t going to be one size fits all,” she said. “[Hackers) will increasingly customize those attacks, and target places that hold large amounts of sensitive data. Those will be the top targets for hackers.”
See also:
22,400 Bell business customers information hacked
