Equifax’s Cyber Insurance Not Enough to Contend with the Breach

As news broke of one of the biggest information hacks in history, Equifax became the new face of insufficient cyber security. The breach now serves as a cautionary tale for businesses everywhere. Most cyber attacks focus on small businesses, as they are often easier to hack into due to deficient cyber security. Larger businesses are harder to penetrate as they can afford to invest in the best cyber security available.

However, as Equifax is learning the hard way, investing in cyber security does not mean businesses do not need cyber liability insurance. Equifax has several insurance policies covering cyber security, general liability, crime, and much more. However, untangling which policy will payout for the hack will take time, and the coverage is likely not going to be enough to account for the expense.

Cyber liability insurance is not the only policy plaguing Equifax. Their property and business interruption insurance is likely inadequate to compensate for the losses they are encountering and will experience in the coming weeks. They are also contending with investigations at the state and federal level as well as a potential multi billion-dollar class action lawsuit.

Understanding the Breach

Hackers were able to achieve such a massive breach by taking advantage of a U.S. website application weakness. Equifax discovered the breach in late July and immediately engaged a cyber security firm to halt the attack. However, the breach began several months prior and accessed up to 143 million individuals’ private information. Equifax also commissioned the firm to discover what data the hackers compromised and how to prevent such an attack in the future. In the meantime, Equifax created a website to allow individuals to determine if the breach included their personal information. Equifax is also offering free credit monitoring for a year.

Risk Retention

In the aftermath of the breach, many are wondering why Equifax’s cyber liability coverage is insufficient. It comes down to risk retention. It is a risk management technique where a company plans to accept certain losses. Some examples include high deductibles or not investing in insurance on purpose. However, Equifax’s situation is more complicated. What insurance policies and how much coverage they choose varies depending on availability, cost, and perceived threats. The attackers struck during a period of insufficient coverage as part of Equifax’s risk retention strategy.

Assessing and Addressing Cybersecurity Risks

Business owners need to evaluate their cyber security situation and manage any gaps in their coverage. Even if a business owner believes their coverage is sufficient, they need to reevaluate their policy from time to time. For example, many business owners believe their business liability insurance protects them in the event of a cyber attack, but this is often not the case. In addition, business owners need to adjust insurance policies as technology changes and businesses grow to ensure they have sufficient coverage.

Understanding Cyber Threats

The latest buzzword related to cybersecurity is breach, but that is not the only type of cyber threat businesses face. Below are some of the most common cyber threats business owners may encounter.

  • Data breach. Data breaches, such as the one Equifax is dealing with, happen after a security measure fails. Hackers access private data such as credit card numbers or social security numbers and use them without permission. Businesses that lose their customers’ data face high penalties, investigations, and more.
  • Hackers use this type of attack to target smaller businesses. They install malware onto a company’s devices and demand payment to remove it.
  • Third party data. This scenario applies whether your business handles a third party’s information or if your business engages a vendor to handle sensitive data. For example, if your business hires another company to safeguard sensitive data, cyber policies will still payout if hackers compromise the company.

The best way for businesses to protect themselves from cyber risks is to discuss their insurance options with an expert. The Reilly Company can help businesses assess and mitigate cyber risks as well as secure the best coverage pricing for policies. No business is impervious to cyber attacks; to learn more about protecting your company from cyber threats, contact us today.

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInShare on RedditShare on Tumblr

Three Types of Insurance Business Owners May Not Know They Need

Starting a new business is an exciting prospect, but it also requires a lot of hard work. Entrepreneurs have to focus on several elements all at once such as their products, their customers, their insurance, and their bottom line. However, failing to invest in the right kind of business insurance can lead to financial ruin. While most entrepreneurs are familiar with the major forms of business insurance (i.e. general liability, property, etc.), not all businesses conform to traditional coverage needs. Below are examples of three types of business insurance coverage small business owners may not realize is vital to their continued success.

Home Business Insurance

Many individuals operating their business out of their home may assume their homeowner’s insurance covers them in the event of theft or damage related to their home business. Unfortunately, this is not the case. Some homeowner’s policies allow add-on coverage to protect some elements of a home business, but the best solution is to invest in home business insurance coverage. This type of policy covers liability, theft, loss of business equipment, and more.

Business Life Insurance

Many businesses cannot withstand the loss of their leader. This is especially true for small businesses since one individual may perform several major jobs. For example, the COO may also be the primary hiring administrator as well as head of marketing. A company would find it difficult to replace such an individual. Moreover, the time spent finding and training new employees to fill those jobs puts a financial strain on the company. If such an individual were to die without warning, the business itself could collapse. In the event of such an unfortunate incident, business life insurance helps companies stay afloat while they replace the individual.

Cyber Insurance

Almost every company does some business via the internet. While having a presence on the web is often good for business, it also represents a liability. If a business collects credit card information or personal data about its customers, it needs cyber liability insurance. Cyber liability insurance also provides coverage in the event of cyber attacks designed to disable internal networks. On average, cyber attacks cost small businesses $9000 per incident. As a result, companies who fail to invest in cyber insurance can experience financial instability or even bankruptcy.

Neglecting to invest in insurance specific to your business is an unnecessary risk. The Reilly Company can help your business identify risks unique to your industry and suggest preemptive methods to protect against them. Contact us to learn more.

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInShare on RedditShare on Tumblr