If your company stores data and information digitally, you should have a cyber risk management program that addresses prevention, disclosure, crisis management and insurance coverage in the event of a data breach. Good cyber risk management requires the planning and execution of these four components:
1. Develop Strategies to Prevent a Data Breach
Some strategies could include encrypting all devices used by employees, including laptops, tablets and smartphones. Encrypting these devices will prevent unauthorized access if a device is lost or stolen. Unencrypted devices are often not covered by a cyber liability policy. An important part of your strategy should include educating employees about phishing and scams. Remind them not to click on anything that looks suspicious. Analyze your cyber risks from three different perspectives: technology, people and processes. This risk assessment will give you a clear picture of potential holes in your security. Revisit and revise your plan regularly.
2. Know Your Disclosure Policies
If you experience a data breach, you may be legally required to notify certain people. If your company is publicly traded, guidelines issued by the SEC make it clear that you must report cyber security incidents to stockholders. The SEC advises timely, comprehensive and accurate disclosure about risks and events that would be important for an investor or client to know about.
3. Develop a Crisis Management & Response Plan
Preparedness is key when developing your cyber risk management program. When you experience a data breach, you need to be prepared to respond quickly and appropriately. Determine how and when the breach occurred, what information was obtained and how many individuals were affected. Then, asses the risk you face because of the breach and how you will mitigate those risks. When you are managing the crisis, let your clients know what actions you are taking. Focus on improving future actions to help restore trust with your stakeholders and clients. Your lawyers, risk managers and IT department should work together to create and refine your plan. Be sure that everyone knows their responsibilities in the plan.
4. Protect Your Data & Your Business
Your cyber risk management program should include cyber liability insurance coverage that fits the needs of your business. Cyber Liability Insurance is specifically designed to address the risks that come with using modern technology - risks that other types of business liability coverage simply won't cover.
The level of coverage your business needs is based on your individual operations and can vary depending
on your range of exposure - let us help.
Contact Carriage Trade Insurance to learn more about our Cyber Liability & Business coverage options.