What happens when an ethical tautology collides with a business imperative? Cyber liability.
Business must keep confidential information regarding clients, customers, and casual prospects secure from unauthorized use and publication.
Business must also engage in web-related activities, even something as benign as email, in the twenty-first century. A website or an email opens a portal to your business. Unguarded, this portal becomes a virtual interstate.
Communications companies, large retailers, and financial companies have paid tens of millions of dollar fines for breaches in security.
Medium and small companies share this risk if they have an internet footprint.
Cyber and Privacy Insurance coverage is complex. The most comprehensive stand-alone forms cost a minimum of ten thousand dollars in premium, which prices the coverage out of the small to medium size business budget.
Risk management offers some solutions to the problem. Engage an expert webmaster and risk manager to implement:
– Hold harmless agreements, shifting the responsibility to users
– Insurance requirements of third party vendors involved with your site
– Screen your interface users carefully
Currently, risk avoidance, although immediately pricey, is your best long-term solution to reducing your risks. Let the hackers move on to a less guarded site, or a more lucrative target.
The insurance aspect of protection requires expertise because forms and coverage differ dramatically among the carriers. Your professional risk manager can determine:
– Which policy contains the fewest or least costly exclusions to your normal operations
– Any exceptions to those exclusions which may provide coverage
– The adequacy of Cyber coverage contained in package policies
– How much coverage (policy limits) is enough
– Does your company have an exposure to bodily injury or property damage due to cyber liability? Machine software tampering causing malfunction, for example.
Cyber liability insurance is still in its infancy. Privacy, particularly for personal financial and health data, must be maintained. The web opens a door to that private data. Business needs vigilance and creative thinking to shut down this paradox.