Whether it is Equifax, Uber or Wells Fargo, the threat to cybersecurity is more prevalent than ever.
Therefore, it has prompted an increased interest in risk management insurance.
According to a 2017 Cost of Cyber Crime study conducted by Accenture, a global digital consulting company, cybersecurity breaches per company in a year rose more than 27 percent last year.
In 2016, each company was vulnerable to an average of 102 cyberattacks. Now, Accenture’s study says an average of 130 cyberattacks affected each company in the U.S. last year.
“Cyberattacks have been happening as far back as the 1980s, but of course, as the years have progressed and more and more of our businesses become paperless and technology continues to be critical in everything we do, the more exposed we become,” said Jeff Lumpp, president of Grand Rapids-based insurance brokerage firm Hylant.
Lumpp said cyberattacks are inevitable; some of the most intelligent techies have used a methodical process to compromise personal information, such as social security numbers, birth dates, and addresses of employees, clients and other individuals. Retail, health care, government, educational and financial institutions face a higher risk of becoming victimized, according to Lumpp.
“The goal is to sell this information on the black market where people will use this to steal the identity of folks, sell or leak information to competition,” Lumpp said. “Today, we are also starting to see a fair amount of ransomware, which means the hackers will lock down your systems and not open them back up for you unless you pay them in bitcoin.”
Along with ransomware, hackers also are using malware, or malicious software, and phishing, which involves attackers using emails to send intriguing and urgent messages that prompt you to click on the link provided. Clicking on the link will instantly install a virus on the computer.
It was through these malicious actions that resulted in the breach of credit information nationwide on Equifax’s database. It prompted Michigan Attorney General Bill Schuette in September to join other states to demand Equifax improve its protection. More than 4.6 million Michigan citizens were affected by the breach, according to the Michigan Department of Attorney General.
Lumpp said companies affected by cyberattacks feel the effect not just through their clients’ outrage but also in their pockets, which involve legal expenses, IT forensic investigation expenses, public relations expenses, regulatory defense expenses, fines and penalties, lost revenues, costs to restore lost data and costs to upgrade computer security.
Before attacks happen, companies have the option of securing cyber insurance, which varies from $6,000 to $14,000 for low-risk businesses, according to Lumpp.
However, it does not erase the possibility of a cyberattack.
“Cyber coverage doesn’t solve everything, it is simply the safety net to help the company avoid catastrophic claim issues,” Lumpp said. “It is critical that your insurance agent help you to identify your exposures and help fit you with the proper amount of coverage, but also to help you develop the right safety protocol and procedures to help mitigate and to know what to do when a breach occurs. Speed is key once a breach occurs. In some lower-risk industries, companies will buy the cyber coverage simply for the breach response services.”