5 Cyber Risks for Technology Companies
Cyber risks are omnipresent for technology companies, yet one in five tech companies reported not needing cyber insurance coverage because of other preventive measures they take, according to the 2017 Travelers Risk Index.
“Preventive measures alone might not be enough to protect tech companies from a cyber loss,” said Tim Francis, Travelers’ Enterprise Cyber Lead. While the average total organizational costs of a breach now top $7 million,1 the complexity of meeting state and federal regulatory requirements can also be daunting for tech companies in the wake of a breach.
Here are 5 additional risks for tech companies to consider:
1. Social engineering fraud. Phishing attempts, where employees receive seemingly legitimate emails from trusted sources, like vendors or clients, can lead to employees sending money in error to a fraudster’s bank account.
2. Business interruption and additional expenses from system failure. Software conflicts due to system updates or other system failure could accidentally shut down your network and lead to lost sales and lost business income.
To protect against this, consider adding first-party coverage for business income loss and additional expenses that are directly attributable to “system failure,” defined as an unplanned or unintentional outage of “your computer or communications network”. This does not include outages resulting from “computer systems disruption.”
3. Security breach notification and remediation expenses. After the theft of sensitive customer data, the costs for notifying customers and providing credit monitoring services can quickly add up. Other costs can include providing a call center to handle customer inquiries.
4. Confidential business data breaches. If a hacker steals confidential information such as purchase history or financial records of your customer, many cyber policies may not provide coverage because they apply only to breaches of personal identity information (PII).
5. Security flaws and failure to update IT security. If your IT department fails to update security software, it could leave the door open to cyber thieves looking to steal sensitive business data. Some insurers may deny coverage due to failure to adhere to internal computer security protocols, or deny claims because the breach resulted from a failure to adhere to reasonable security standards.
1 Ponemon Institute® 2017 Cost of Data Breach Study: United States