
Cyberbreaches & Cyberinsurance
3/27/17
By: Tim Latimer

Overview

Cyberbreaches threaten any individual or company with internet access on any device. Cyberinsurance is available to mitigate the risk and losses associated with a cyberbreach. Employee records, customer information, trademarks, patents and private financial records can be compromised by a hacker or employee error. These records can include social security numbers, banking information, credit card numbers, addresses, credit scores and even medical records. Any private, competitive information or trade secrets that your company has can also be compromised. These records can be very expensive to recover, especially when financial information is stolen. Cyberinsurance covers most of the costs associated with a cyberbreach. Cyberinsurance covers losses due to a cyber or data breach, whether it is done by an employee or an outside individual.

Cyberbreaches

A cyberbreach or data breach is when sensitive or confidential information is stolen or viewed by an unauthorized person. Cyberbreaches most commonly occur over the internet due to poor security on a company's server or individual computers. However, there are countless ways that someone may breach sensitive information without authorization.

Email servers and accounts are commonly used by hackers to reach private information. It has become very easy for hackers to breach servers via email. Hackers can send a fake link that may be disguised as something important or interesting to an employee. As soon as an employee opens the link, the hacker has successfully breached the system and has most likely broken past any firewalls designed to keep intruders out. It is very difficult to tell whether an email is real or fake; therefore, proper spam filters and firewalls must be in place to prevent such attacks.

Unauthorized employee access is another common form of a data breach. Disgruntled employees or a simple error made by an employee with access to a company's system can be very dangerous. It is much harder to stop a breach from inside the company, especially if the employee has unlimited access. Internal passwords and extensive server protection are vital to prevent such a breach. Unfortunately, this has become a common form of a systems breach.

Cyberbreaches are usually criminal-related, meaning the records are breached for the sole purpose of sale or trade. Credit card information, social security numbers, and even medical records are very valuable to criminals on the black market, also known as the dark web.

The deep web, also known as the dark web, is a part of the internet that is not accessible by common search engines such as Google or Mozilla Firefox. Many times, stolen records are traded or sold via use of the dark web. Much of the activity of the deep web is illegal or used to share proprietary information between two parties. The total activity on the dark web is unknown, but it is predicted that the dark web is 100 times larger than the surface web, even though there are significantly fewer users. Algorithms and automated systems allow these skilled computer users to transfer massive amounts of data with very little effort.

Some countries, including the USA and China, have engaged in cyberwarfare, where one government breaches the other, sometimes without that government even knowing. The Pentagon reports handling roughly 10 million attempted breaches a day, from other governments and individual hackers or groups. An executive order was signed on January 31, 2017 that addressed the current cyberwarfare between foreign governments. The order instructed an audit of several federal agencies' cyber capabilities. It also seeks private sector input to help protect the US government infrastructure and reviews the current methods to prevent attacks and mitigate damage. The order also provides incentives to the private sector to help adopt stronger cyber security measures.

Who is at risk?

Cyberbreaches frequently occur when a company's computer security or firewalls are weak. Skilled hackers can easily navigate around commonly used firewalls and reach nearly any document on a company's network or server. Startup companies with low-budget security are at extreme risk of being breached. Poor security allows hackers to get valuable information with very little effort. Startups are a target for hackers when trade secrets are involved in the foundation of the company. Companies with less than $1 million in annual revenue accounted for a majority of the breaches in 2016. Large companies account for only 20% of cyber breaches worldwide. Larger companies tend to have IT departments that use very complex methods of internet security. Some of these methods include Cloudflare or Bitdefender. Cloudflare creates a maze-like structure on a network or server that forces hackers in the wrong direction in order to defend important information on a server. Bitdefender is a company that can be contracted or a software that can be installed to protect proprietary information from hackers or even employees.

There are very few personal or private breaches reported annually. Many times, this is due to a lack of awareness. It is difficult to know if you have been hacked without the proper software and knowledge of computer systems. Private individuals are also less of a target for hackers because they will only get records for that individual, whereas companies hold large quantities of data for employees and customers. However, it is extremely easy for hackers to breach individuals; therefore, high-profile individuals may become a target for hackers.

There have been many high-profile breaches. In 2012, hackers across the globe secured $11.5 billion, cumulative. In 2013 alone, hackers stole $40 million from ATMs from many different banks, located across the country. Adobe was breached in 2013 and lost nearly 3 million records. Sony was breached in 2015 and millions of personal customer documents were compromised, costing Sony roughly $200 million. In 2016, the average cost of a lost record grew to over $220 per document.

In 2013, it was estimated that 24,800 American health records were exposed per day. In 2014, Community Health Systems (CHS) lost 4.5 million social security numbers and addresses. CHS operates 206 hospitals across 29 states. In 2014 alone, 6 million Americans had patient records breached. The average cost of a health record was $355 in 2015.

Cyberbreaches have become increasingly common and have led to millions of dollars of losses for publicly and privately held companies alike. The Securities and Exchange Commission (SEC) has increased regulation to force publicly traded companies to notify the public of any breach that occurs and what information was lost. However, privately held companies have no legal obligation to disclose that a breach occurred, unless specific customer information has been stolen or compromised. In this case, the company is only responsible for notifying and indemnifying that customer or customers. Notification, credit monitoring and recovering lost documents can be extremely costly. Cyberinsurance is a way to mitigate the large losses that can be associated with a breach.

Cyberinsurance

Cyberinsurance is sold by insurance companies to companies of all shapes and sizes to protect them from crippling costs, post-cyberbreach. One major breach can cost a company millions of dollars, and for smaller companies, this may mean closing shop. Cyberinsurance is activated when a hacker or employee takes proprietary information from the insured company. There are many types of losses that cyberinsurance covers. This broad and important coverage has already saved numerous companies millions of dollars. A breach can be costly to an insurance company, but the structure of their business allows insurance companies to sustain much larger losses than other industries.

Cyberinsurance offers many different coverages, including business interruption, data loss, computer fraud, notification, credit monitoring, funds transfer fraud and cyber extortion. Business interruption covers any losses associated with normal business functions being slowed or halted after a breach. Data loss covers the cost to recover lost data or records. Computer fraud covers any loss associated with the unauthorized use of a company computer. Notification cost covers the cost to notify a customer or employee if their records are compromised and provides credit monitoring for that client. Funds transfer covers any unauthorized fund transfer to or from your business. Cyber extortion covers the cost to recover records that are being held for ransom by a hacker.

In 2016, the average cost of a data breach for a medium-sized company was between $3.8 million and $4 million. The likelihood of a breach of more than 10,000 records occurring is roughly 26%, according to the Ponemon Institute in 2015. It is estimated that the cost of a breach is only reduced by $16 a record when a company employs response teams and utilizes proper record encryption methods. On average, it takes companies 201 days to identify that a breach has occurred. It takes an additional 70 days to contain the breach. This amount of time can cost a company millions of dollars depending on the content that is stolen.

In 2012, only 1/3 of global companies surveyed by a research group, Advisen, had purchased cyber insurance. In 2013, $1.3 billion of cyber insurance had been purchased, up 50% from 2012. In 2013, cyber breaches cost insurers $7.5 million, on average. In 2014, the total industry premium was expected to be roughly $2 billion. JP Morgan Chase expects to standardize cyber insurance on all their policies to ensure that their clients will be covered for any loss related to a cyberbreach. In 2016, Advisen estimates that the cyberinsurance market reached roughly $3 billion in premium. 79% of insurance companies in 2016 report that they now offer cyberinsurance.

The risk of a cyberbreach occurring has nearly tripled since 2012 and the costs after a breach have doubled in the same time. With increasing risk, companies and insurers alike have begun investing more time and money in the cyberinsurance market. Premiums will continue to increase and losses will continue to pile on. While protecting your clients' information should always be a company's priority, cyberinsurance has become an excellent way to reduce the losses associated with a cyberbreach.
