Skip to main content
Risk Management Bulletin


By March 1, 2011No Comments

Cyber crime struck more than four in 10 (43%) U.S. businesses in 2009 according to the Computer Security Institute’s Computer Crime and Security Survey.

The number of data security breaches in companies is growing exponentially as they rely more heavily on technology and the Internet. Every organization needs to protect its priceless data and develop ways to prevent breaches that can create hefty direct cleanup expenses – not to mention severely damaging customer trust and loyalty.

Legal protection against this threat remains spotty at best, because laws covering the protection and disclosure of confidential consumer information vary widely from state to state.

To make sure that you invest in technologies and policies that safeguard your confidential data, we’d recommend taking these precautions:

Enlist management in the fight against cyber crime. This responsibility extends far beyond the information technology department. Putting a top manager in charge of your cyber risk management will make all employees more likely to understand the problems involved and work to curb them.

Identify and quantify your vulnerability to cyber crime. Consider hiring a third-party expert to evaluate your exposure to cyber risks and the potential financial impact of a breach. This specialist should provide answers to such questions as:

  • Is the firm retaining any private data about clients, vendors or employees?
  • What’s the best way to evaluate the costs and benefits of additional IT loss-prevention expenditures?
  • Should we buy Cyber Risk insurance?

Get your HR team involved. Implement cyber security processes in every area of the business, including the HR department. As the driver of company culture, HR can help support and strengthen these procedures. Because the lines between employees’ personal conduct and their business conduct — during business hours — can be unclear, HR must define and communicate the company’s privacy policy, as well as rules and requirements regarding employee use of the Internet and social networking sites as public forums.

Because security breaches usually occur both in areas of the organization generally considered to have adequate security protocols — and in unanticipated areas — it makes sense to carry Cyber Risk coverage. A number of quality insurance companies remain committed to this market. Although there’s no replacement for sound risk management, a comprehensive insurance policy can provide a solid last line of defense.

Our risk management professionals would be happy to help you find the coverage that can help protect your business. Just call or e-mail us.