Fischbein Insurance

  • About
  • Comm. Insurance
  • Comm. Property
  • Apt. Owners
  • Newsletter
  • Contact
You are here: Home / Archives for Theme 102

August 5, 2014 By admin Leave a Comment

IN: Is Your Customer Information Properly Safeguarded Online?

Dear Valued Customer,

This issue of the “—————–” is focused on Cyber Security. Hundreds of millions of million data records of U.S. residents have been exposed due to security breaches, and businesses rely on their use of technology and access to the Internet. This reliance increases the potential for data security and privacy breaches.

Read on to understand the growing threat posed by high profile mega data breaches like those recently experienced at eBay, Target, Neiman Marcus and even the U.S. government. What does this mean to your personal security? And why most companies have cyber-risk gaps in their insurance coverage.

We appreciate your continued business and look forward to serving you.

Kind regards,

Filed Under: Business, Cyber/Digital, Identity Theft, Theme 102

August 5, 2014 By admin Leave a Comment

Cyber Risks: The Growing Threat

People_ManWithBinocularsAmid a rising number of high profile mega data breaches—most recently at eBay, Target and Neiman Marcus—government is stepping up its scrutiny of cyber security. This is leading to increased calls for legislation and regulation, placing the burden on companies to demonstrate that the information provided by customers and clients is properly safeguarded online.

Despite the fact that cyber risks and cyber security are widely acknowledged to be a serious threat, many companies today still do not purchase cyber risk insurance. However, this is changing. Recent legal developments underscore the fact that reliance on traditional insurance policies is not enough, as companies face growing liabilities in this fast-evolving area.

Specialist cyber insurance policies have been developed by insurers to help businesses and individuals protect themselves from the cyber threat. Market intelligence suggests that the types of specialized cyber coverage being offered by insurers are expanding in response to this fast-growing market need.

There is also growing evidence that in the wake of the Target data breach and other high profile breaches, the number of policies is increasing, and that insurance has a key role to play as companies and individuals look to better manage and reduce their potential financial losses from cyber risks in future.

For an analysis of the state of cyber risk and the insurance industry, download the full White Paper below.

Please click on the file name below to view the white paper in PDF format. You will need Adobe Acrobat Reader to view the file.

Download paper_cyberrisk_2014.pdf

Source: Insurance Information Institute, “Cyber Risks: The Growing Threat” http://www.iii.org website. Accessed August 5, 2014. http://www.iii.org/white-paper/cyber-risks-the-growing-threat

© Copyright 2014. All rights reserved. This content is strictly for informational purposes and although experts have prepared it, the reader should not substitute this information for professional insurance advice. If you have any questions, please consult your insurance professional before acting on any information presented. Read more.

Filed Under: Business, Cyber/Digital, Identity Theft, Theme 102

August 5, 2014 By admin Leave a Comment

Identity Theft & Cyber Security

Money_People_IdentityThiefHandsComputer

As businesses increasingly depend on electronic data and computer networks to conduct their daily operations, growing pools of personal and financial information are being transferred and stored online. This can leave individuals exposed to privacy violations and financial institutions and other businesses exposed to potentially enormous liability, if and when a breach in data security occurs.

The Consumer Sentinel database, maintained by the Federal Trade Commission, contains over 9 million consumer fraud and identity theft complaints that have been filed with federal, state and local law enforcement agencies and private organizations over the five years 2009 to 2013. In 2013 alone, over 2 million complaints were filed.

The increase in online shopping in recent years has created new avenues for identity thieves. However, a 2013 study by Travelers Insurance of its 2011 identity fraud claims found that burglary and theft of physical objects led to the majority of identity fraud claims. The study identified the following four top causes of identity fraud:

  • Stolen wallet or purse (44%)
  • Auto burglary (16%)
  • Online (15%)
  • Home Burglary (12%)

IDENTITY THEFT AND FRAUD COMPLAINTS, 2011-2013 (1)

id_theft_and_fraud_comp_11-13.gif

(1) Percentages are based on the total number of Consumer Sentinel Network complaints by calendar year. These figures exclude “Do Not Call” registry complaints.

Source: Federal Trade Commission.

View Archived Graphs

HOW VICTIMS’ INFORMATION IS MISUSED, 2013 (1)

Type of identity theft fraud Percent
Government documents or benefits fraud 34%
Credit card fraud 17
Phone or utilities fraud 14
Bank fraud (2) 8
Attempted identity theft 7
Employment-related fraud 6
Loan fraud 4
Other identity theft 24

(1) Percentages are based on the total number of complaints in the Federal Trade Commission’s Consumer Sentinel Network (290,056 in 2013). Percentages total to more than 100 because some victims reported experiencing more than one type of identity theft (16% in 2013).
(2) Includes fraud involving checking and savings accounts and electronic fund transfers.

Source: Federal Trade Commission.

View Archived Tables

IDENTITY THEFT BY STATE, 2013

State Complaints per 100,000 population (1) Number of complaints Rank (2) State Complaints per 100,000 population (1) Number of complaints Rank (2)
Alabama 74.7 3,610 14 Montana 50.1 509 40
Alaska 52.2 384 37 Nebraska 51.6 965 39
Arizona 91.2 6,043 7 Nevada 97.1 2,708 4
Arkansas 62.1 1,839 29 New Hampshire 51.9 687 38
California 105.4 40,404 3 New Jersey 80.6 7,176 12
Colorado 79.6 4,195 13 New Mexico 69.4 1,448 19
Connecticut 69.4 2,496 19 New York 86.9 17,072 9
Delaware 81.1 751 11 North Carolina 67.8 6,679 24
Florida 192.9 37,720 1 North Dakota 32.1 232 50
Georgia 134.1 13,402 2 Ohio 64.8 7,502 26
Hawaii 37.8 531 48 Oklahoma 60.0 2,309 34
Idaho 49.5 798 43 Oregon 60.3 2,370 33
Illinois 85.9 11,069 10 Pennsylvania 70.0 8,943 18
Indiana 58.5 3,845 35 Rhode Island 60.6 637 31
Iowa 40.4 1,248 46 South Carolina 70.7 3,374 17
Kansas 61.6 1,783 30 South Dakota 33.4 282 49
Kentucky 50.1 2,201 40 Tennessee 68.8 4,468 22
Louisiana 69.3 3,204 21 Texas 88.0 23,266 8
Maine 38.5 511 47 Utah 49.3 1,429 44
Maryland 95.5 5,660 6 Vermont 43.7 274 45
Massachusetts 63.3 4,237 27 Virginia 73.1 6,037 16
Michigan 97.1 9,606 4 Washington 68.0 4,739 23
Minnesota 53.8 2,917 36 West Virginia 60.6 1,124 31
Mississippi 74.7 2,233 14 Wisconsin 63.3 3,635 27
Missouri 67.0 4,052 25 Wyoming 49.6 289 42

(1) Population figues are based on the 2013 U.S. Census population estimates.
(2) Ranked per complaints per 100,000 population. The District of Columbia had 147.9 complaints per 100,000 population and 956 victims. States with the same ratio of complaints per 100,000 population receive the same rank.

Source: Federal Trade Commission.

View Archived Tables

See also the Identity Theft section of our Web site Click Here

CYBER SECURITY

In 2000 the Federal Bureau of Investigation, the National White Collar Crime Center and the Bureau of Justice Assistance joined together to create the Internet Crime Complaint Center (IC3) to monitor Internet-related criminal complaints. In 2013 the IC3 received and processed 262,813 complaints, averaging about 22,000 complaints per month. The IC3 reports that 119,457 of these complaints involved a dollar loss, and puts total dollar losses at $782 million. The most common complaints received in 2013 included auto auction fraud involving the sale of automobiles, real estate scams and FBI impersonation email scams.

CYBER CRIME COMPLAINTS, 2009-2013 (1)

cyb_crime_comp_09-13.gif

(1) Based on complaints submitted to the Internet Crime Complaint Center.

Source: Internet Crime Complaint Center.

View Archived Graphs

TOP TEN STATES FOR CYBER CRIME, 2013 (1)

Rank State Percent
1 California 12.13%
2 Florida 7.45
3 Texas 6.74
4 New York 5.29
5 Pennsylvania 3.32
6 New Jersey 3.21
7 Illinois 2.95
8 Virginia 2.84
9 Ohio 2.75
10 Georgia 2.58

(1) Based on complaints submitted to the Internet Crime Complaint Center via its website.

Source: Internet Crime Complaint Center.

View Archived Tables

Source: Insurance Information Institute, “Identity Theft and Cyber Security” http://www.iii.org website. Accessed October 10, 2014. http://www.iii.org/fact-statistic/identity-theft-and-cyber-security

© Copyright 2014. All rights reserved. This content is strictly for informational purposes and although experts have prepared it, the reader should not substitute this information for professional insurance advice. If you have any questions, please consult your insurance professional before acting on any information presented. Read more.

Filed Under: Business, Cyber/Digital, Identity Theft, Theme 102

August 5, 2014 By admin Leave a Comment

Most Companies Have Cyber-Risk Gaps In Their Insurance Coverage

Workers_ManLeadingMeetingAs companies become more dependent on their computer networks for vital data, business continuity and communications, their vulnerability to cyber catastrophes increases.

“Unfortunately, most companies are operating in a 21st century threat environment with 20th century insurance coverage,” states John Spagnuolo, spokesperson for the Insurance Information Institute (I.I.I.). “The dynamics of risk management have changed with technology.”

The insurance industry has developed cyber insurance products to help businesses confront the growing number of network security risks that have the potential to shutdown a network, destroy vital data or steal customer information. For example, as the public becomes more concerned about privacy, businesses will become more aware that they are liable if their customers’ personal information is compromised. However, only a small number of businesses are properly insured.

According to a recent Ernst & Young survey of 1,400 organizations in its 2003 Global Information Security Survey, only seven percent of respondents knew they had a specific insurance policy geared to this network and cyber-risk. Nearly a third (33 percent) thought they had coverage they actually lacked. Another 34 percent knew they lacked such coverage, while 22 percent didn’t know the answer. Ernst & Young characterized the fact that only 7 percent of surveyed companies had cyber insurance as “astonishingly low, given the risk environment and the fact that general policies don’t provide such coverage.”

Regardless of its product line or service, virtually all major businesses today rely on computer networks to function,” adds Spagnuolo. “But they need to recognize that network security risks are fundamentally different than traditional physical risks like fire. If a hacker or virus shuts down a network or destroys computer software or data, most businesses today have either limited or no coverage. Insurers have excluded these risks from standard commercial policies and are now offering stand alone coverage. Whether your company conducts business over the Internet, stores customer data on servers or simply uses email, it is at risk.”

The Risk

In fact, the number of incidents reported rose by 377 percent between 2000 and 2002, increasing from 21,756 to 82,094, according to the CERT® Centers at Carnegie Mellon University’s Software Engineering Institute, which focuses on ensuring the integrity and survivability of computer networks. An incident may involve one site or possibly thousands of sites. The CERT® Centers also indicate that the number of potential system vulnerabilities has increased by 378 percent, increasing from 1,090 in 2000 to 4,129 in 2002. Possible effects of a cyber attack include denial of service, unauthorized use, loss/misuse of data and loss of public confidence regarding an organization.

The Computer Security Institute (CSI), in cooperation with the Computer Intrusion Squad of the San Francisco Federal Bureau of Investigation (FBI), released the results of its 2003 Computer Crime and Security Survey. More than 250 respondents, which included computer security practitioners in U.S. corporations, government agencies, financial institutions, medical institutions and universities, reported over $200 million in losses. According to CSI, the findings confirm the threat from computer crimes and other information security breaches continues unabated.

“The trends the CSI/FBI survey has highlighted over the years are disturbing,” states Chris Keating, CSI Director. “Cyber crimes and other information security breaches are widespread and diverse. Fully 92 percent of respondents reported attacks.”

The number of intruders grows each day and they are quite different from those of 10 years ago. A hacker does not have to be a sophisticated programmer to be able to harm a computer system. Intruders can use the Internet to educate themselves, and now have access to easy-to-use tools which allow them to do large amounts of damage in short periods of time.

“Intruders could be professional criminals, terrorists, industrial spies, teenagers and perhaps even employees,” emphasizes Spagnuolo.

Cyber-Risk and Homeland Security

Securing the nation’s cyberspace is also a critical element of homeland security, a strategic challenge that requires commitments by both the public and private sectors.

According to the National Strategy to Secure Cyberspace, released by the Bush Administration earlier this year, “Cyber attacks on U.S. information networks can have serious consequences such as disrupting critical operations, causing loss of revenue and intellectual property or loss of life?There is no special technology that can make an enterprise completely secure. No matter how much money companies spend on cybersecurity, they may not be able to prevent disruptions caused by organized attackers. Some businesses whose products or services directly or indirectly impact the economy or the health, welfare or safety of the public have begun to use cyber-risk insurance programs as a means of transferring risk and providing for business continuity.”

“The insurance industry can play a pivotal role in securing cyberspace by creating risk-transfer mechanisms, working with the government to increase corporate awareness of cyber-risks and collaborating with leaders in the technology industry to promote best practices for network security,” says Richard Clarke, former chairman of the President’s Critical Infrastructure Protection Board.

By writing policies for network security exposures, the insurance industry is providing:

  1. Vital risk transfer for network security exposures;
  2. Incentives for network security best practices, including lower insurance premiums; and
  3. Improved cyber-risk management and education.

Coverage

“Traditional insurance policies such as standard property and commercial general liability insurance do not adequately deal with the risks of a cyber attack or network security failure,” cautions Spagnuolo.

Specialized cyber-risk coverage is available primarily as a stand-alone policy. Each policy is tailored to the specific needs of a company, including the technology being used and the level of risk involved. Both first- and third-party coverages are available, including:

  • Loss/Corruption of Data – covers damage to or destruction of valuable information assets as a result of viruses, malicious code and Trojan horses.
  • Business Interruption – covers loss of business income as a result of an attack on a company’s network that limits the ability to conduct business, such as a denial-of-service computer attack. Coverage also includes extra expense, forensic expenses and dependent business interruption.
  • Liability – covers defense costs, settlements, judgments and, sometimes, punitive damages incurred by a company as a result of:
    • Breach of privacy due to theft of data (such as credit cards, financial or health related data),
    • Transmission of a computer virus or other liabilities resulting from a computer attack, which causes financial loss to third parties,
    • Failure of security which causes network systems to be unavailable to third parties,
    • Rendering of Internet Professional Services, and
    • Allegations of copyright or trademark infringement, libel, slander, defamation or other “media” activities in the company’s web site.

  • Cyber Extortion – covers the “settlement” of an extortion threat against a company’s network, as well as the cost of hiring a security firm to track down and negotiate with blackmailers.
  • Public Relations – covers those public relations costs associated with a cyber attack and restoring of public confidence.
  • Criminal Rewards – covers the cost of posting a criminal reward fund for information leading to the arrest and conviction of the cyber-criminal who attacked the company’s computer systems.
  • Cyber-Terrorism – covers those terrorist acts covered by the Terrorism Risk Insurance Act of 2002 and, in some cases, may be further extended to terrorist acts beyond those contemplated in the Act.
  • Identity Theft – provides access to an identity theft call center in the event of stolen customer or employee personal information.

Depending on the policy, coverage can apply to both internally as well as externally launched attacks as well as viruses which are specifically targeted against the insured or widely distributed across the Internet. Premiums can range from a few thousand dollars for base coverage for small businesses (less than $10 million in revenue) to several hundred thousand dollars for major corporations desiring comprehensive coverage.

Risk Prevention Services

As part of the application process, some carriers offer an on-line and/or on-site security assessment free of charge regardless of whether the applicant purchases the insurance. This is helpful to the underwriting process and also provides extremely valuable analysis/information to the company’s chief technology officer, risk manager and other senior executives.

The Market

“Thousands of policies have been written for cyber coverage since the late 1990s,” according to Robert Hartwig, chief economist for the Insurance Information Institute. “Policies written for cyber insurance are likely to reach $2 to $3 billion within the next four to five years as companies recognize existing gaps in their coverage.”

cent legislation and regulation such as the Gramm-Leach-Bliley Act (GLB), Health Insurance Portability and Accountability Act (HIPAA) and California’s Security Breach Information Act (SB 1386), effective 7/1/2003, are also expected to substantially increase potential legal liabilities in this area, increasing the need and demand for cyber-risk insurance coverage.

Source: Insurance Information Institute, “Most Companies Have Cyber-Risk Gaps in Their Insurance Coverage, States The I.I.I. — Traditional Insurance Policies Not Adequate For Cyber Exposures” http://www.iii.org website. Accessed August 5, 2014.  http://www.iii.org/press-release/most-companies-have-cyber-risk-gaps-their-insurance-coverage-states-iii-traditional

© Copyright 2014. All rights reserved. This content is strictly for informational purposes and although experts have prepared it, the reader should not substitute this information for professional insurance advice. If you have any questions, please consult your insurance professional before acting on any information presented. Read more.

Filed Under: Business, Cyber/Digital, Identity Theft, Theme 102

[footer_backtotop]

Copyright © 2023 Fischbein Insurance Services · All Rights Reserved · SITE DESIGN BY INTOUCH ·