By Drew M Smith
The number of cyber breaches continues to rise as billions of dollars are spent on protecting assets and recovering the data that has been compromised through the use of schemes. Whether it’s compromised passwords or a hack from a third party, the amount of damage these breaches can cause are astronomical.
Many studies have been done in identifying where most of these breaches have come from. Some of them are client based while others are more encompassing. Chubb recently released a study stating they have started to see an increase in the number of breaches and it is expected to increase again in the near future.
The numbers in which Chubb has compiled show a frightening number of breaches that are caused by human hands. In the ten years since they have started to track these numbers, the trend has been more towards an individual than a company mistake; 29% of the breach triggers were caused by hacks and 15% of the observed hacks were caused by human errors such as opening hacked e-mails or encountering malicious software. The most frightening is a combined 32% of the accounted cyber breaches were from lost devices such as laptops and hard drives or rogue employees, who steal the secrets and sell them. Even shrinking the range of data to three years sees hacks and human input as the number one causes of cyber breaches, with 34% coming from hacks and 26% from misplacing their laptops or a rouge employee.1
The numbers tell one story but what these types of attacks go after vary greatly by the type of service the target provides. While most of the breaches in the ten year Chubb survey are hacks by outside parties, two services buck this trend. The healthcare industry, with hundreds of thousands of files in a given hospital, were breached by an employee that either worked or was recently fired, with 25% of the reported breaches happening this way. The other area, professional services, had more breaches caused by lost or stolen laptops, meaning that even personal data could be at risk if the wrong computer is snatched.
The problem is that most people don’t think they would ever be hacked. ‘I don’t need cyber coverage.’ or, ‘It won’t happen to me I am too small.’ Even the dreaded ‘I’ve got security I don’t need cyber insurance.’ They are opening themselves to being breached and it tends to be extremely expensive. This lack of knowledge could end up ruining your business.
To help deter any potential breaches, there are many thing things you could do:
- Install software to allow wiping your hard drive remotely.
- Always verbally confirm emails that request sending of sensitive information or funds.
- Change your passwords regularly.
- Install tracking software.
- Lock-down all USB and other ports to prevent copying files.
Protecting your assets has become a higher priority in the light of an increasing number of cyber breaches. Taking the steps to minimize your exposure will benefit you in the long run.
For more information on Privacy & Network Security Liability Insurance click here.
About Axis Insurance Services, LLC
Axis Insurance Services, LLC (AIS) is a licensed professional liability insurance broker located in Franklin Lakes, NJ with agents licensed nationwide. They offer access to high-quality insurance products in the areas of Errors and Omissions insurance (E&O), Directors and Officers liability insurance (D&O), Crime, Fiduciary, and Privacy/Network security coverage for today’s professional service firms. AIS works with all company types including commercial real estate firms, real estate agents and brokers, property managers, insurance agents, medical groups, practice managers, third party administrators, lawyers, accountants, architects, engineers and many others.
Axis Insurance Services LLC., is not affiliated with Axis Capital, Axis Insurance Company, its subsidiaries or affiliates in any way.
For more information visit www.axisins.com or contact:
Mike Smith, President
Axis Insurance Services, LLC
201-847-9175 ext. 105
msmith@axisins.com
1Chubb “What are we seeing?” Cyber/Privacy Risk Mitigation April 2016.