Archive for August, 2015

Data Breach Coverage


The past couple of years have been extremely busy on the data breach front. Businesses including Target, Home Depot and Jimmy John’s (just to name a few) all faced security breaches, along with more than 96 million customers. And, let’s not forget the little Sony incident where more than 47,000 celebrities and employees had personal data (including social security numbers) and embarrassing emails exposed to the public.

Personal and financial data is big business. So, it’s no wonder that the government has increased regulations to place more responsibility on companies to protect clients’ personal information.

For Fortune 500 companies, the penalty for a data breach would appear to be nominal. Target agreed to pay $10 million in a proposed settlement of a class-action lawsuit related to its huge data breach. Sony estimates its breach’s financial impact has been a little over $15 million to date “in investigation and remediation costs.” Barely a drop in its bucket.

But, what if your client isn’t a Fortune 500 that can absorb millions of dollars in litigation and settlement fees? Then what?

Even though we may not see smaller businesses on the news for breaches, it happens to them too. In actuality, small businesses can be even easier targets for a breach, because they often do not have the same level of security as large corporations.

If your clients do business online, or if they store information online, then you should be talking to them about data breach coverage, which is generally offered as part of a larger cyber liability policy. Almost all businesses now use computers to store customer and employee information, including social security numbers and credit card numbers or bank information, putting them at risk. If the worst should happen, the stress and financial burden could be enough to close a business’s door for good.

What is data breach insurance and why do your clients need it

Until recent years, data breaches were not a real issue, so coverage for this type of liability was virtually non-existent, leaving many businesses facing a risk that they may not have been able to handle.

If a data breach occurs, not only is the business liable, but it is also required by law that the business notifies the affected parties. The main purpose of data breach coverage is to help cover the costs of the breach, such as:

  • the cost of notifying the affected parties
  • court costs, if necessary
  • costs of security fixes
  • and, the implementation of new programs which will help secure the businesses future.

How much could a breach cost one of your clients? It’s hard to say because the cost of a data breach varies from organization to organization, depending on a variety of factors, e.g., number of records breached, damage to computer systems, costs to rectify the breach, lawsuits that may occur, etc.

A recent study by the Ponemon Institute found that the average cost of a data breach totaled more than $154 per compromised record. Not to mention, ancillary costs of possibly hiring a consultant to figure out how to ensure the threat of a breach is gone, retaining or regaining customer loyalty, time taken away from the business to address the breach, and the list goes on.

While data breach coverage may not be for every business, the potential cost is worth the exploratory conversation with your clients.

What you can expect from UIG:

Proactive, pre-breach risk management tools that support a client’s IT department efforts:

  • AutoShun hardware device to all insureds who have +$5,000 in premium. The device is placed just outside of the client’s network firewall and is designed to block known bad IP addresses. By keeping these addresses out of the client’s network, it dramatically reduces potential for breaches or compromised systems.
  • Cyber Risk Tool program that will analyze and report to the insured what activity is taking place on a regular basis. It also allows the insured to set up their own training programs and assists with compliance and regulatory issues.
  • If your clients are iPad users, they can access the CyberEdge mobile app for free and gain complete access to our entire program. Included are current, ongoing breaches in the US- state by state, a breach cost calculator, policy information and more.

To find out more about these programs and how UIG can assist you in this area, send us an email or call 800.385.9978.

read more