In 2013, Target had a data breach, with 40 million credit and debit cards compromised, costing them an $18.5 million settlement – and $202 million in internal costs, not to mention the bad press and lost trust they got for this.
In 2017, a Security Leader survey found 80% of security leaders anticipate data breach in next 12 months.
In July of this year, the restaurant chain PDQ had a database breach at 70 location across 11 states. The cleanup will take months, and cost untold dollars and man-hours of work.
Don’t think it will happen to your company? 47% of small business have had at least one cyber attack in the last 12 months, with $148 being the average cost per lost or stolen record and a whopping $380 per record for healthcare identities.
Is your company ready for this? What can you do?
Here are a few quick thoughts to help you protect your company against these risks:
1 – Keep employee awareness and training up to date – if your employees are educated regularly, they are less likely to make these mistakes. Teach them to keep their home computers that connect to your network up to date, about how to detect hacking and phishing attempts, and how to protect their – and your customers’ – identities and sensitive information.
2 – Make sure all your technology is up to date, especially the ones that you don’t use frequently – If you run a small office, you probably don’t have an IT staff to keep your technology up to date. And even if you do, they may only look at the machines that are connected to your network right now. One of the biggest risks your firm has is computers that are seldom used, as they don’t have the latest virus protection or operating system updates, and that leaves them vulnerable to viruses, hacking and phishing attempts. Add it to someone’s calendar to boot up every machine at least every 30 days just to run the latest updates. One client was going on a trip and needed to bring their laptop to do work while on the road. Nobody plugged in that laptop computer for 9 months, and it had over 300 updates to run before it was suitable for use and could be connected to their network, barely finishing up the morning of his trip. Had he left without updating the laptop, he would have put the entire firm at risk.
3 – Review your existing policies and possibly get separate cyber/privacy insurance – Traditional insurance seldom protects you against all that could happen. Mistakes can and will happen. Copyright, trademark infringement, libel, slander, plagiarism are all real concerns. Couple that with viruses that your firm’s computers can unknowingly send over the internet, privacy policies that get accidentally violated, and you have a lot of risks. Patti Thompson is a cyber insurance specialist, and you can contact her at 813-418-4492 or email her to have her review your existing policies and talk to you about a separate cyber and/or private insurance policy.
For many organizations, this can be a confusing and costly topic. Don’t let your company be the next one in the news. Know what you’ve got, what your options are, and get protected before your company is at risk. We can help.