The threat represented by cyber risks is now as tangible as physical threats to a company’s assets and is faced by any company dealing with electronic data, whether on mobile devices, computers, servers or online. Cyber risks are evolving and becoming more complex as technology and criminals increase in sophistication, heightening the propensity of a data breach. Once a breach does occur there are potentially a wide range of adverse ramifications for a firm.
- WHAT DATA DO YOU HOLD?
In the digital age companies are responsible for increasing amounts of data, both of their customers as well as their own employees. On an individual level, if payments are taken by credit or debit card, you are responsible for those details, as well as any contact details of clients, including names and addresses. Employee data can be even more detailed and include payroll details and medical history. On a business level, highly sensitive information around potential M&A deals, taxation matters, private financial information or even details of high profile clients are your responsibility to keep securely, and a leak of this data could be costly. If you hold data on US clients, you are required by law to notify them in writing of a breach. Cyber Edge will pay for these notification costs whether mandatory or voluntary, and the policy responds to local laws in the applicable territory.
- THE FULL COST OF A BREACH:
Your practice may be exposed to the following costs:
– Regulatory fines, including PCI
– Damages and litigation expenses associated with defending claims from third parties
– Diagnosing the source or loss of a breach
– Reconfiguring networks, re-establishing security and restoring data and systems
– Notification costs
– Credit file monitoring
– Implementation of disaster recovery plan
– Lost billable time.
A professional indemnity policy is unlikely to indemnify you for breaches of data protection legislation or the costs to your firm following a breach.
- REPUTATIONAL CRISIS:
News of leaks spreads fast, especially in an age of social media. Public confidence in a company can diminish within hours. The situation requires careful management and consideration of the media, customers, staff and stakeholders. Swift action and a carefully managed PR response will be needed to regain trust and protect the company’s reputation. Cyber Edge provides access to cyber incident response services from industry specialists VEGA and breach coaching and PR management from law firm Speechly Bircham LLP to assist in repairing organisational as well as individual reputational damage following a breach.
- COULD YOUR BUSINESS CONTINUE TRADING WITHOUT YOUR IT SYSTEMS?
If your IT systems failed, or you experienced an intrusion or were hacked, what would the effect be on your business? Inability to transact business and document work? Damaging existing relationships and hindering the development of new relationships? Negative publicity? All these lead to a loss of revenue that is out of your control. Cyber Edge can help cover the loss of revenue, recover the lost data and notify the data subjects of the breach.
- CHECK FOR GAPS IN YOUR INSURANCE COVER
It is unlikely that coverage required in the event of a data breach will be provided by standard Professional Indemnity, Directors and Officers or Commercial Liability policies and it is possible that you may not be compliant with your regulatory obligations. If limited cover is provided it will not be adequate in certain claims scenarios such as virus transmission, business interruption without physical damage to premises, and mandatory and voluntary notification costs.