How to Guide Your Insureds Through a Data Breach
Whether through sophisticated malware, phishing schemes, or an unsecured website that leads to data leaks, cyber attacks occur frequently enough to warrant due diligence. Cyber attacks affect businesses of every size — from a mom-and-pop shop that takes digital payments to large enterprises that rely on e-commerce platforms. Here are some practical tips that insurance agents can use to advise their insureds in the event of a data breach.
Create a Cyber Security Response Plan
Even with the prevalence of cyber attacks, 77% of organizations do not have a cyber security response plan. Insurance agents can actively take part in protecting their clients from cyber attacks by educating and informing them about the importance of preparation. When a cyber attack happens, it can lead to confusion throughout the company with staff members unsure of how to respond. It’s important to remain calm and work collaboratively so that the data breach can be contained as quickly as possible. For clients that don’t have a cyber security response plan, this article can help agents provide some initial guidance. Keep in mind that there is no one-size-fits-all response plan in terms of cyber attack solutions.
Respond Quickly to a Cyber Attack
When the worst happens, time is of the essence. The swifter the response to a cyber attack, the better. Malware can spread from one employee’s device to others in minutes. Insurance agents can advise their clients to put a communications system in place that notifies all employees immediately when a cyber attack is discovered, such as an instant-messaging app that can notify all team members quickly and remind them of predetermined next steps to address the breach.
Prevent Further Data Leakage
Once a business has identified that a breach has occurred, the next step is to prevent further data leaks by removing the source of the cyber attack, which could be a phishing email, third-party software, or digital assets that have been downloaded from an external website, to name a few common sources. Here are additional steps your client can take to safeguard data in the immediate aftermath of a breach and incorporate into the organization’s ongoing preventive cyber security measures:
- Protect Wireless Networks: Once a cyber attack is identified, all network passwords should be changed, starting with the Wi-Fi router. Businesses of all sizes should mandate routine network password updates throughout the year as part of the organization’s cyber security risk management plan.
- Change User Passwords: Passwords and access codes should be changed at the server level and individual user level across the organization in the immediate aftermath of a cyber attack. As an ongoing cyber security measure, the network administrator should set up automatic reminders requiring individual users to change their passwords on a regular basis (at least quarterly).
- Implement Multifactor Authentication: Multifactor authentication adds layers of security to individual user credentials. This protection has already become routinely used for consumer websites – think of all the sites that text a code to your smartphone when you log in or require you to enter a PIN along with a password. Combining multiple levels of authentication increases security. Even if your password is compromised, an unauthorized user won’t be able to complete the authorization and access secure data. This step is critical for securing the stored personal and private information of clients and employees to help prevent ID theft.
- Encrypt and Back Up Data: When a network implements effective data encryption protocols, cyber attackers have little chance of deciphering the data without a decryption key. Data should also be routinely backed up to at least one off-premises storage location such as a secure cloud service. Hardware backups (copying data to portable storage drives or discs) can be used as a second line of defense against many types of cyber attacks including ransomware.
Trace and Contain the Cyber Attack
Access to a range of digital assets is part of daily business operations in most industries. With that in mind, advise your clients to be cautious about clicking links embedded in an email or downloading files from unknown external sites. These are common methods for deploying malware that can lead to a data breach, identity theft, or ransomware attack.
Document the Evidence
Documentation is essential when it comes to responding to a cyber security breach. Insurance agents should advise their commercial clients to carefully document every aspect of the response effort including the time and location of the breach, the type and source of the cyber attack, and communications to staff, stakeholders, and customers. Not only is this information important when it comes to filing an insurance claim, it also provides specific data that can assist in updating the cyber response plan going forward. Documentation in the form of reports, photos, videos, and data should be stored electronically in the cloud for safekeeping and ease of access.
Comply With Statutory Requirements
Depending on the jurisdiction and your client’s industry, there may be legal requirements at the state and federal levels that mandate certain actions in response to a data breach. A business may be required to notify law enforcement, affected businesses such as financial institutions, and individuals. If the breach involves personal health records, additional requirements may be mandated under the federal HIPAA Breach Notification Rule. Be sure to counsel your clients that failure to comply with applicable federal or state statutes may result in civil penalties including hefty fines per occurrence.
Consider Cyber Insurance as a Safety Net
Cyber attacks can be costly, and not many businesses are equipped with the financial resources needed to respond to a cyber attack. In one study, it was found that the average cost for data breaches impacting small businesses was an estimated $2.98 million. Having a cyber insurance program in place can help protect clients from unnecessary financial costs. MiniCo offers an exclusive Cyber Insurance program that provides critical coverage for costs resulting from a data breach and related expenses associated with the loss of data.