How clever is your password? If it’s on the list below, your password is just as easily stolen as it is remembered. Protect yourself by making sure you’re not using one of the top 25 most commonly stolen passwords of 2015, as determined by IT security firm SplashData.
To create a more secure password, make sure you are not relying only on numbers, and try to avoid simple keyboard patterns. You may also want to avoid easy-to-find information such as birthdays, favorite sports teams and addresses. Attempt to create a password that is eight or more letters long, and avoid using the same password for multiple access points.
According to the 2015 Small Business & Cybersecurity survey, 81% of small business owners think that cyber security is a concern for their small businesses, while 94% either frequently or occasionally think about cyber security issues.
Surprisingly, only 42% of respondents had invested in cyber security protection in the past year, despite the fact that 31% of these businesses had experienced either a successful or attempted cyber attack.
It’s possible that small business owners might simply be spreading themselves too thin. About 83% of small business owners said that they handle cyber security themselves. But given the threat, it was surprising to discover that 95% of small business owners don’t have cyber insurance.
One more stat, 1 in 5 companies uses a cloud services provider. If cloud data is breached, the hiring company (aka your business) is still primarily responsible.
Cyber insurance can offer third-party (cyber liability) and first-party (cyber crime expense) insurance coverage. Most, if not all insurance carriers, have developed cyber security / data breach insurance programs tailored to small businesses.
If you’re interested in exploring the costs of a cyber liability / data breach insurance policy, please contact me to discuss. I have more than several carriers we can quote this coverage with.
According to IBM’s 2014 Cyber Security Intelligence Index, over 75 percent of the cyber attacks the company monitored in 2013 targeted the following five industries:
1. Finance and insurance (23.8 percent)
2. Manufacturing (21.7 percent)
3. Information and communication (18.6 percent)
4. Retail and wholesale (6.2 percent)
5. Health and social services (5.8 percent)
Every day, more than 1 million people become victims of cyber crime. Cyber criminals look for the weak spots and then attack, no matter how large or small the organization. Cyber attacks can result directly from deliberate actions of hackers, or attacks can be unintentionally facilitated by employees—for example, if they click on a malicious link.
Check out these 3 reasons why hackers love your small business:
Travelers Insurance Company has joined the ranks of other major carriers such as The Hartford in writing coverage for technology companies. Travelers Global Technology President Ronda Wescott and Chief Underwriting Officer Mike Thoma provide their perspective:
If you have a Life Science or Software and Information Technology Company and would like a review of your current insurance portfolio, feel free to contact me anytime. I can help market your coverage’s with all the major carriers specializing in this sector.
Some of the most common insurance coverage’s important to the Life Science or Software and Information Technology industry are:
- Commercial General Liability
- Professional Liability (Errors & Omissions)
- Workers’ Compensation
- Commercial Automobile
- Commercial Umbrella/ Excess Liability
- Cyber Liability & First Party Data Privacy Expense
- Directors and Officers Liability (D&O)
- Employment Practices Liability
- Fiduciary Liability
- Kidnap and Ransom
- Group Medical Insurance
- Group Life and Disability
Today I stumbled on a business blog post from Chubb that really grabbed my attention. This was regarding disposal of computers, laptops and any other electronic equipment that may contain personal information about employees, clients or customers. Make sure that the information has been completely destroyed!
Here’s the post……“Trashing Bytes of Information”
When you dispose of this type of equipment, it is not enough to simply delete the information from the hard drive or format the disk. Instead, you should overwrite, or wipe, the hard drives and disks. You can do this by purchasing a wipe disk software program that conforms to Department of Defense requirements.
If you dispose of equipment without taking the proper steps to destroy the information, it could still be accessible and this may constitute a data breach. Your business may be subject to the same fines, penalties and regulatory notification requirements as if your systems had been infiltrated by a hacker.
Techniques for Removing Information
Deleting information is not effective. It removes pointers to information on your device, but it does not remove the information. Do not rely on the deletion method you routinely use when working on your device, whether moving a file to the trash or a recycle bin or choosing “delete” from a menu. Even if you “empty” the trash, the information is still there. It can be retrieved.
Overwriting is effective on all computing devices. It puts random data in place of your information, which cannot be retrieved because it has been obliterated. There are software programs and hardware devices available that are designed to erase your hard drive, CD or DVD—but because these programs and devices have varying levels of effectiveness, it is important to carefully investigate your options.
3. Physical Destruction
Physical destruction is the ultimate way to prevent others from retrieving your information. Of course, you should physically destroy the device only if you do not plan to give it to someone else. Specialized services will disintegrate, burn, melt or pulverize your computer drive and other devices. If for some reason you do not wish to use a service, it is possible for you to destroy your hard drive by drilling nails or holes into the device yourself or even smashing it with a hammer. Never burn a hard drive, put it in the microwave or pour acid on it.
See more on this subject at: Cyber Liability Safely Disposing of Your Devices
As a modern day business owner, you have likely felt the push to become more web-involved. The Internet seems to be where businesses are concentrating efforts, whether they involve revamping your website to keep up with the competition or creating social media accounts to attract a new audience. Of course, charting a new business course presents new risks. Navigating the Internet can be difficult enough when dealing with multiple accounts, email marketing and search engine optimization, but you’re also responsible for protecting the information that you store there. Cyber liability insurance may be the answer.
- In 2008, almost 50% of businesses reported they had 1 to 5 cyber risks.
- The most expensive cyber risk incidents involve fraud, which averages a loss of almost $500,000.
- In 2008, the most common cyber risk businesses faced were viruses, followed by inside abuse and then laptop theft.
- In 2012, 36% of the business industry experienced a data breach.
To understand what protection cyber risk insurance provides, you must first understand the risk you face as a business. Cyber attacks don’t necessarily occur in the ether of Internet. Cyber attacks can also include computer hardware problems, communication media errors, system backup and operating system errors and even errors and fraud invoving internal people like system administrators.
A company can face three common types of cyber risks:
- Natural: The most common errors and losses result from severe weather. For example, a lightning strike or power surge can severely damage or destroy an entire database.
- Human error: These unintentional acts can involve something as simple as leaving a laptop that has access to patient medical records, at the airport.
- Intentional: This involves illegal criminal activity and can occur outside the organization, by hackers or criminals, or inside the organization.
No matter what kind of cyber attack you experience, the consequences of an attack can be expensive. In addition to retrieving information and establishing new cyber protocols, many companies have to perform clean-up efforts with a customer base. Cyber liability insurance can help with each step of recovery.
Source: Trusted Choice
Henry Ford Health Systems in Detroit, MI notified patients of a possible security breach this week after a laptop was stolen out of an unlocked medical office on September 24th. Hospital representatives said although the password was protected, there is a possibility some personal patient information could be at risk.
The laptop contained patient information related to prostate services received between 1997 and 2008 and included some but not all of the following information: Patient name, medical record number, date of birth, mailing and e-mail addresses, telephone number, treatment and doctor visits. No Social Security numbers or health insurance information were stored on the laptop.
Hospitals and medical offices are not the only organizations exposed to this type of loss. When you consider the massive exchange of data with portable devices like smart phones and laptops, and easily assessable web-hosted data systems and servers, there is a ton of data being transmitted through cyberspace. Throw technically sophisticated computer hackers into the mix and a whole new recipe of liability for your organization comes into focus- Cyber Liability.
Although you may have a general liability insurance policy to protect for company from bodily injury or property damage claims, traditional liability policies do not address internet exposures and the risks involved with internet business. That is why you must consider Cyber Liability Insurance. Cyber liability insurance policies can include:
- Coverage for any negligent act, error or omission by an insured that results in the improper dissemination of nonpublic personal information due to the unauthorized access or unauthorized use of an insured’s computer system.
- Coverage for any negligent act, error or omission by an insured resulting in the unauthorized access or unauthorized use of the computer system
- Coverage for any negligent act, error or omission resulting in the wrongful publication, defamation, slander or libel, product disparagement or other tort related to disparagement or harm to the reputation or character of any person or organization in an insureds Electronic Content or Advertising
Hospital or not, your business may be exposed to cyber liability claims if you do any business on the internet, or in this case, use portable devices like smart phones and laptops to conduct business.