Issue link: http://read.dmtmag.com/i/96778
Risk Management ("Watch Out for Another Legal Gotcha – Fiduciary and Cyber/Privacy Liability" continued from page 56) No business is without these exposures, and despite one's best procedures to prevent these events, human ingenuity finds ways to penetrate your data. Employee negligence is the single largest exposure causing cyber/privacy losses today. Yet how many of you would attribute this kind of loss to your own staff? Employee negligence happens in a lot of different ways. Some examples of employee negligence include: Improper disposal of records and/or confidential information Loss of portable devices Improper maintenance or storage of printed material Inadvertent disclosure or sharing of information Inadvertent infection of a computer, system or file Inadvertent transmission from an infected computer, system or file Inappropriate disclosure of information to a third party Another worrisome exposure is the rogue employee. This is a disgruntled employee who engages in deceitful or destructive actions. This can be in the form of stolen intellectual property, disruption to or destruction of systems, and many other means of acting upon or causing ill-will. Other cyber/privacy exposures include: Transmission of malicious code Breach of confidential information Hacking into one's system by a third party Violation of employee privacy rights Similar to fiduciary liability, most business owners are not aware that traditional general liability insurance policies do not cover losses related to cyber liabilities. The media frequently reports on cyber security breaches within larger corporations, major credit card companies, and even the Defense Department, but rarely do you read about these same types of breaches within smaller businesses, but cyber liability can affect businesses of all sizes. According to a 2011 survey from Symantec, cyber attacks cost companies, on average, $470,000 in lost revenue and downtime. Fortunately there is insurance coverage available to transfer this exposure to the insurance company and offer you financial protection. This type of insurance program is called Cyber Liability and incorporates First Party (protection for your company) and Third Party (legal liability your company has to other parties) coverage. Cyber Liability is a growing and fast evolving coverage. It will soon be a requirement for most government contracts that a Don't Miss: The Changing Landscape of Fiduciary Responsibility – at AED Summit The laws and regulations are many – and today the retirement plan fiduciary is becoming a target of predatory attorneys. Find out how to comply with the rules and learn the top reasons fiduciaries get sued. Presented by Todd Thompson, Director of Business Products Group, Sentry Insurance Company. 58 | www.cedmag.com | Construction Equipment Distribution | December 2012 contractor have Cyber Liability insurance in place. In 2005, an FBI survey showed fewer than 30 percent of businesses had Cyber Liability insurance in place; today more than 60 percent of businesses have some form of Cyber Liability. The first step in designing a Cyber Liability program is understanding what the coverage components are and why they are needed. These coverage components are split into two types of coverage: First Party Costs and Third Party Legal Liability: First Party Costs. Breach Response or Notification Costs provides for the reimbursement of costs incurred to respond to a network security and/or privacy liability breach or compromise. Costs include notification to the consumer, credit repair, monitoring and support services, forensic expenses, and crisis management/public relations expenses. Business Interruption provides for the reimbursement of expenses and lost income due to a business interruption as a result of a network security and/or privacy liability breach or compromise. Loss of Data/Digital Assets provides for the reimbursement of expenses of the Insured to recover, repair or restore digital assets affected as a result of a network security breach. Cyber Extortion provides for the reimbursement of costs as a result of an extortion attack through electronic means. Cyber Terrorism provides for the reimbursement of costs arising from a terrorist activity or event. Third Party Legal Liability. Media Event Liability provides coverage for claims arising from personal injury (libel or slander) or advertising injury arising from your website and/or printed materials. Network Security & Privacy Liability provides coverage for claims arising out of a breach or compromise of your network and/or personal confidential information of others in your possession. Regulatory Fines provides coverage for regulatory penalties, fines and actions brought against you by governmental agencies as a result of a privacy liability compromise event. Policies and procedures for handling the corporate and personal risks identified here are essential to an effective Risk Management Program. Both Fiduciary Liability and Cyber Liability insurance are important tools to limit surprise expenses in your business and are critical to your overall Risk Management Program. Be sure to include these discussions when designing your insurance program. BOBETTE PUCKETT is executive vice president at Alper Services LLP in Chicago. She can be reached at 312-642-1000, bpuckett@alperservices.com CHRIS BRECK is vice president at Alper Services, and he can be reached at cbreck@alperservices.