Cyber Security Resource Center
Learn how you can be better protected in the event of a
E.B. Cohen is committed to educating our clients on ways to protect their family or business. Learn what you can do to protect yourself from being the victim of a cyber attack. Cyber threats include dangers such as viruses erasing entire systems, intruders breaking into systems and altering files, intruders using your computer or device to attack others and intruders stealing confidential information. The spectrum of cyber risks is limitless; threats, some more serious and sophisticated than others, can have wide-ranging effects on the individual, community, organizational and national levels.
When cyber attacks like data breaches and hacks occur, they can have devastating results. Organizations have to deal with countless headaches, like business disruptions, lost revenue and litigation. Cyber liability insurance is now an essential component of any business’s risk management program as it provides a number of unique benefits.
Before a Cyber Attack
You can increase your chances of avoiding cyber risks by setting up the proper controls. The following are things you can do to protect yourself, your family, and your property before a cyber incident occurs:
Only connect to the internet over secure, password-protected networks
Do not click on links or pop-ups, open attachments or respond to emails from strangers
Always enter a URL by hand instead of following a link if you are unsure of the sender
Do not respond to online requests for personally identifiable information (PII). Most organizations- such as banks, universities, and businesses- will never ask for your personal information over the internet
Limit who you are sharing your information with by reviewing the privacy settings on your social media accounts
Trust your instincts. If you think an offer is too good to be true, it probably is
Password-protect all devices that connect to the internet and all user accounts
Do not use the same password twice—choose a password that means something to you and you only. Change your passwords on a regular basis (every 90 days or so)
If you see something suspicious, report it to the proper authorities
The extent, nature and timing of cyber incidents are impossible to predict. There may or may not be any warning. Some cyber incidents take a long time (weeks, months or years) to be discovered and identified
More About PII
PII is information that can be used to uniquely identify, contact or locate a single person. PII includes but is not limited to:
Social security number
Date of birth
Place of birth
Driver’s licence number
Vehicle registration plate number
Credit card numbers
Gender or race
Take these steps if you believe your PII has been compromised:
Immediately change all passwords, and change your financial passwords first. If you used the same password for multiple resources, make sure to change it for each account, and do not use that password in the future.
If you believe the compromise was caused by malicious code, disconnect your computer from the internet.
Restart your computer in safe mode and perform a full system restore.
Contact businesses, including banks, where you have accounts, as well as credit reporting companies.
Close any accounts that may have been compromised. Watch for any unexplainable or unauthorized charges to your accounts.
During a Cyber Attack
Here are some of the steps that you should take during a cyber attack:
Check to make sure the software on all of your systems is up to date
Run a scan to make sure your system is not infected of acting suspiciously
If you find a problem, disconnect your device from the internet and perform a full system restore
Disconnect your device (e.g., computers, gaming systems or tablets) from the internet. By removing the internet connection, you prevent an attacker or virus from being able to access your computer and perform tasks such as locating personal data, manipulating or deleting files, or using your device to attack others
If you have anti-virus software installed on your computer, update the virus definitions, if possible, and perform a manual scan of your entire system. Install all of the appropriate patches to fix known vulnerabilities
If you have access to an IT department, contact someone in it immediately. The sooner someone can investigate and clean your computer, the less damage to your computer and other computers on the network
If your believe you might have revealed sensitive information about your organization, report it to the appropriate people within the organization, including network administrators. They can alert for any suspicious or unusual activity
After a Cyber Attack
File a report with the local police so there is an official record of the incident
Report online crime or fraud to the Internet Crime Compliant Center (IC3) or the federal government's internet fraud resource website
Report identity theft to the Federal Trade Commission.
If your PII was compromised, consider other information that may be at risk. Depending what information was stolen, you may need to contact other agencies. You should also contact your state's DMV for transportation if your driver's license or car registration has been stolen.
In addition to insuring your home or business, E.B. Cohen Insurance & Risk Management is committed to helping your, your loved ones, and your organization stay safe when disaster strikes. If you would like more information on how to protect yourself from a cyber attack, please contact us at (973)-403-9500.
Benefits of Cyber Liability Insurance
Data Breach Coverage
In the event of a breach, organizations are required by law to notify affected parties. This can add to overall data breach costs, particularly as they relate to security fixes, identity theft protection for those impacted by the breach and protection from possible legal action.
Business Interruption Loss Reimbursement
A cyber attack can lead to an IT failure that disrupts business operations, costing your organization both time and money. Cyber liability policies may cover your loss of income during these interruptions. What's more, increased costs to your business operations in the aftermath of a cyber attack may also be covered.
Cyber Extortion Defense
Ransomware and similar malicious software are designed to steal and withhold key data from organizations until a steep fee is paid. As these types of attacks increase in frequency and severity, it's critical that organizations seek cyber liability insurance, which can help recoup loses related to cyber extortion.
Following a cyber attack, your organization will have to investigate to determine the extent of the breach and what led to it. The right policy can reimburse the insured for costs related to forensics and seeking out expert advice. Additionally, some policies can provide 24/7 support from cyber specialists, which is especially useful following a hack or data breach.
In the wake of a cyber incident, businesses often seek legal assistance. This assistance can be costly. Cyber liability insurance can help businesses afford proper legal work following a cyber attack.
Coverage Beyond a General Liability Policy
General liability polices don't always protect organizations from losses related to data breaches. What's more, data is generally worth far more than physical assets, and it's important to have the right protection in place when you need it most. Supplementing your insurance with cyber coverage can provide you with peace of mind, in event of an attack, your organization's financial and reputational well-being is protected.
Common Cyber Claims Scenarios
Claims Scenario: Outsourcing Gone Wrong
The company: A national construction company that outsources some of its cyber security protections
The challenge: A construction firm partnered with a third-party cloud service provider in order to store customer information. While this service helped the company save on server costs, the third-party firm suffered a data breach.
As a result, the construction firm had to notify 10,000 of its customers and was forced to pay nearly $200,000 in incident investigation costs. The incident was made worse by the fact that the firm did not have a document retention procedure, which complicated the incident response process.
Cyber liability insurance in action: Following a data breach or other cyber event, the right policy can help organizations recoup a number of key costs. Specifically, cyber liability policies often cover investigation and forensics expenses- expenses that can easily bankrupt smaller firms who forgo coverage.
What's more, when third parties are involved, managing litigation concerns can be a challenge. By using cyber liability insurance, organizations have access to legal professionals well-versed in cyber lawsuits and response.
Claims Scenario: Pardon the Interruption
The company: An online retail store that relies heavily on e-commerce
The challenge: A small-sized, online retailer partnered with a data centre to host its website and store its data. This is not uncommon, as many small businesses don't have the IT infrastructure to host products, process payments and fulfill orders on-site.
Unfortunately, the data centre was targeted in a distributed denial-of-service (DDoS) attack. As a result of this attack, the retailer's website went down for several days. While functionality was eventually restored, business interruption costs from lost sales and website downtime was over $165,000.
Cyber liability insurance in action: DDoS attacks are one of many weapons cyber criminals use to infiltrate and disrupt business. These attacks can impact any organization that owns a website, regardless of where it's hosted.
Cyber liability insurance is one of the only protections organizations have against costly DDoS attacks and similar disruptions. This is because cyber policies offer business interruption loss reimbursement. Following a disruption caused by a cyber event, policies kick in and help organizations recover from any financial losses.