March 29, 2024
Search
Close this search box.
Search
Close this search box.
March 29, 2024
Search
Close this search box.

Linking Northern and Central NJ, Bronx, Manhattan, Westchester and CT

Cyber Warfare … It’s Already Here

After the security breaches of Anthem, Sony and Home Depot where more than 133 million records were stolen, the IRS was targeted and 700,000 identities were compromised. Yet those breaches pale in comparison with the two Yahoo breaches where more than 1.5 billion records were stolen in 2016. The proliferation of internet use is a direct correlation to the increasing number of data breaches and cyber hacking. This is a growing concern for the foreseeable future.

Who are the targets? Everyone. In today’s environment we electronically transmit more and more information that is becoming easier to intercept, causing us all a lot of grief. According to the IBM study, the average cost incurred to notify each person of a breach has increased from $154 to $158 but can be as high as $355. Imagine a small doctor’s office with 100 total patients—they can easily be looking at $15,800 for a data breach, not to mention any fines imposed by the state. What if there were thousands of records over the years?

While the more sophisticated hackers test their coding skills against larger companies, many target the smaller companies and nonprofits that don’t have the budget for all the bells and whistles when it comes to IT defense. The Guardian1 did a study that showed the average age of hackers dropped from 24 to 17. Yes, a senior in high school might be sitting in his basement hacking into some of the largest companies in the country.

A 2017 Data Breach Industry Forecast report published by Ponemon and IBM advised that the healthcare industry is fertile ground for data breaches. More than 100 million records were stolen in 2016 and the trend continues to escalate.2 Doctors’ offices and law firms are the low-hanging fruit as hundreds if not thousands of personal identifiable information records are kept—both hard and soft copy.

Many companies tell me they don’t have an exposure to a cyber threat because they either don’t take credit cards, outsource their IT work or have everything backed up in cloud software. The most obvious exposure is that companies have data of their very own employees at risk. Health insurance records contain birthdays and social security numbers for employees as well as dependents. In addition, I have reviewed many IT contracts and all of them put the onus of any hack or breach back onto the employer. It’s all in the fine print.

There are a few things that can be done to help mitigate these circumstances. If you are faced with a ransom threat, decryption keys are available at www.nomoreransom.com, a free website backed by law enforcement agencies in 25 countries. In addition, the FBI’s website, www.IC3.gov, collects information on each attack to try and catch the culprits and prevent future attacks. If you have a breach, you should report it as soon as possible.

Lastly, there are insurance policies you can purchase called Privacy and Cyber Liability, which transfer some of the varying costs associated with a breach to the insurance company. These policies can reimburse you for ransom paid, PCI fines and third-party credit monitoring; absorb the cost of forensic analysis to determine the extent of the breach; and, most importantly, cover the exorbitant notification costs and legal defense. Each insurance company has different coverages that need to be reviewed to make sure you have a policy that provides the protection you need.

1 https://www.theguardian.com/technology/2015/dec/08/average-age-of-cyber-attack-suspects-drops-to-17

2 2016 Cyber Security Intelligence Index, IMB

By David Feuerstein

 David Feuerstein is a Senior Vice President with Brown & Brown (NYSE: BRO), the largest insurance broker in NJ. David’s consultative approach toward employee benefits, property & casualty insurance, and personal coverage has fostered strong ties with his clients. David can be reached at [email protected] or 973-549-1947.

 

Leave a Comment

Most Popular Articles