Technology infuses every successful business and nearly every function, making us more productive and efficient. But technology also creates a certain unease: We never know what will go wrong, or when.
We can be certain, however, that things will go wrong.
Now is a good time to review the potential issues — and find ways to prevent or protect against them – as October is Cyber Security Awareness Month, sponsored by the Department of Homeland Security: www.homelandsecurity.gov.
No one is immune from cyber attack, including the smallest businesses. In fact, they are sometimes more vulnerable because they don’t have staff assigned to information technology. Significantly, businesses with fewer than 250 employees were the target of 31 percent of all cyber attacks.[i]
Data breaches are not a mere annoyance. Nearly 45 percent of cyber attacks involve the loss of clients’ or customers’ names, passwords, and email addresses.[ii] When that happens, they look to you to make them whole. Even if their information was not hacked, they will expect you to protect them by supplying services to alert them if their bank accounts and other information is compromised.
Most cyber security problems are the result of malicious intent, with 76.8 percent of incidents caused by activities by people outside the targeted organization, according to “Risk Based Security, An Executive’s Guide to Data Breach Trends in 2012.
And protecting against that loss, along with the rest of a cyber attack aftermath, is becoming more expensive. One study showed that response costs following a breach — involving legal, regulatory, client identity protection services, among others — reached an average of $1.6 million per incident.[iii]
Breaches are more expensive per capita for smaller organizations, which pay $1,607 per employee, vs. the $437 of larger firms.[iv]
Unfortunately, the number of data breaches is increasing. According to a comprehensive report by the California Attorney General’s office, the number of intentional breaches in the U.S. between 2009 and 2012 increased 280 percent.
California led the nation with a 560 percent increase.[v]
Law firms in particular are being targeted maliciously by outside forces abroad. China especially targets law firms with specialties in intellectual property, mergers & acquisitions, or securities regulation to steal documents that will give them an economic advantage whether it be from stealing trade secrets, or profiting from insider trading.[vi]
Companies can benefit themselves by being proactive. A study by Hewlett Packard estimated $1.3 million in cost savings for businesses with good security governance practices.
Today, vigilance is required around the clock; the most innocuous problems start with simple human error.
Sixty percent of companies report a lost or stolen smart phone, and 43 percent report a lost or stolen laptop.[vii]
Such losses are compounded when a business fails to create comprehensive policies that prohibit employees from saving Social Security numbers and other private information on hard drives or in emails.
Fortunately, Narver Insurance can provide you with information and important resources.
We will publish several informational blogs that will help you protect your business and lessen your potential liability. In the next weeks we will write about your liabilities of cybercrime, what to do if your firm has a security breach, the ins-and-outs of cyber crime insurance, and lastly, best practices to avoid a cyber crime attack. Questions? Please call us at 626-943-2200.
[i] Symantec, Internet Security Threat Report 2013: Volume 18 (April 2013) p. 4.
[ii] Risk Based Security, An Executive’s Guide to Data Breach Trends in 2012
[iii] Ponemon Institute, 2014 Cost of Data Breach Study: United States
[iv] Ponemon Institute, 2014 Cost of Data Breach Study: United States
[v] California Office of the Attorney General, Cybersecurity in the Golden State How California Businesses Can Protect Against and Respond to Malware, Data Breaches and Other Cyberincidents.February 2014
[vi] Mintz, Michael. Cyberattacks on Law Firms a Growing Threat” Corporate Counsel March 19, 2012
[vii] California Office of the Attorney General, Cybersecurity in the Golden State How California Businesses Can Protect Against and Respond to Malware, Data Breaches and Other Cyberincidents.February 2014