Review the Causes of Breaches and Network Outages

While the news headlines most often focus on data breaches affecting mega multinational corporations, the majority of reported breaches impact smaller business and result from accidental disclosures, lost laptops or improperly discarded files.  The main purpose of this step is to make the insured understand that it can happen to them (Because it can!).

 

There are 5 common causes of breaches you can quickly explain to your clients:

• Negligence: The most common cause, and most relatable — the laptop stolen from the business owner’s car, or sensitive files being thrown into a dumpster by a well-intended office assistant.

• Social Engineering: The art of deception — Your accounting department receives instructions from what seems to be the CFO, to wire money to a new vendor. Even the most detail oriented employee can fall for a fraudulent email and send sensitive data or money to the wrong person.

• Rogue Employees: It’s a fact of life that all employers have to plan for — a disgruntled employee wants revenge and with access to secure systems, can be a potential risk.  Even the most advanced network security system is vulnerable to an employee who has the passwords.  Private information can be sold online for substantial sums.

• Business Associates – Your client may have excellent security procedures and state-of-the-art encryption. But does customer data flow through any of their vendors’ systems? Does the payroll firm practice safe data management? Is your email service ‘in the cloud’ and secure?  Do your clients’ contracts with business associates indemnify them for any breaches caused by business associates?

• Hackers: Yes, businesses of all sizes are subject to hackers. Whether in the form of a virus or other automated attack, there is a constant threat of breach by those who seek to gain from your client’s potential vulnerability.  If hackers are able to break into the FBI and other highly secure networks, your insured’s network would be a walk in the park for a determined hacker.  Many small business networks are breached by automated malicious viruses, that are designed to steal data from several sources at once, which means that a business doesn’t have to be specifically targeted by a hacking group to be affected.

 

The threats are real and increasingly commonplace.