

Breaking down cyber risks.

What is a cybersecurity breach?

It’s an unexpected, unintended, and/or unauthorized interference with an organization’s technology systems or the data the organization maintains. Today it’s been redefined in simpler terms: It’s the risks businesses are exposed to by their very existence.

Costly? Yes. And not surprisingly, some companies don’t even realize they have suffered a cybersecurity breach.

76% of business owners report that they believe it’s important to establish security practices and policies.1

But only 47% say they have established security practices and policies.1

Who causes a breach?

When we think of cyber attacks, we usually think of a hacker inserting a virus or malicious code into a computer system or network. But data breaches can be caused both intentionally and unintentionally by various types of users.

52% of all data breaches (for small, medium and large companies) are due to malicious or criminal attacks.2

48% of all data breaches are due to system glitches (non-employee errors) and employee errors.2

What could a breach cost you?

$225 for EACH lost or stolen confidential record2

Small- and medium-sized businesses ended up spending over $1 MILLION on average in 2017 on damage or theft of IT assets or infrastructure.3

And spent an additional $1.2 MILLION due to disruption in business operations.3

That’s over $2 MILLION on a single incident

Could it happen to you?

Small businesses can be a target for hackers because they tend to be more vulnerable:

61% of small- and medium-sized businesses reported experiencing a cyber attack in the past 12 months, up from 55% in 2016.3

Only 21% of small- and medium-sized businesses rated themselves a 7 or above on a 10-point scale when it came to their IT security effectiveness.3

What can I do to help protect my company against cyber attacks?

Here are some best practices:4

Security and defense systems

Put multiple, overlapping security and defense systems in place. These include firewalls, data encryption and antivirus security software.

Alerts

Receive alerts for new vulnerabilities in vendor systems and platforms, and be sure to install any patches.

Password security

Implement a password policy to ensure the security and confidentiality of data.

Employee education

Educate employees on good security practices, and teach them how to spot phishing emails.

Disaster recovery plan

Develop a formal, well-tested disaster recovery plan. Update it regularly and make sure everyone involved in the plan understands his or her specific responsibilities.

Formal data retention, archive and destruction plan

Implement a formal data retention, archive and destruction plan and be sure to monitor it closely to ensure that it is followed.

Example of how having a retention plan in place can help

Records on 5,000 customers, vendors and employees on a system are breached.

Cost is $225 PER RECORD (even if half of them are inactive)

Total cleanup cost is over $1 MILLION

Having a data retention policy in place could DROP COST DOWN TO $562,500 (if inactive records are moved to a different system and outdated or irrelevant data is destroyed appropriately)

Potential benefits of having cyber liability insurance:

Covers legal fees and expenses associated with a data breach

Helps investigate the cause of the breach and determines whether the attack is still active and whether any software or hardware is damaged or corrupted

Notifies customers about the breach

Restores personal identities of customers affected by the attack

Recovers compromised data

Repairs damaged computer systems

Insurance terms, definitions and explanations are intended for informational purposes only and do not in any way replace or modify the definitions and information contained in individual insurance contracts, policies or declaration pages, which are controlling. Such terms and availability may vary by state and exclusions may apply.

Will we be more susceptible in the future?

Cyber threats continue to grow as the Internet of Things (IoT) and the number of devices used by businesses continue to increase. Automated equipment, machinery, components, appliances, sensors, control panels and mobile devices increase the vulnerability of a computer system or network in several ways:

They often utilize unsecured or poorly secured wireless or cellular networks to transmit data

Mobile devices such as a land surveyor’s GPS equipment or an EMT’s mobile monitor are more susceptible to theft, allowing thieves direct, physical access to a network

Connected equipment and devices can be hijacked and used to launch dedicated denial of service (DOS) attacks, allowing the attacker to hide behind someone else’s IP address and computer

Connected equipment and devices that are widely manufactured and distributed, such as baby monitors, alarm systems and streaming devices often use the same security protocols on every device manufactured

Find out what cyber coverage works best for you.

Call us directly at 1-888-891-0119


1 Nationwide’s fourth annual Business Owner Survey (2018); Nationwide commissioned Edelman Intelligence to conduct a 20-minute, online survey between April 9-20, 2018, among a sample of 1,000 U.S. business owners. Business owners are defined as having between 1-499 employees, being 18 years or older and self-reporting as either a sole or partial owner of their business. The margin of error for this sample was +/-3 percent at the 95 percent confidence level. As a member of CASRO in good standing, Edelman Intelligence conducts all research in accordance with Market Research Standards and Guidelines.

2 2017 Cost of Data Breach Study: United States, Ponemon Institute, June 2017

3 2017 State of Cybersecurity in Small & Medium-Sized Businesses (SMB), Ponemon Institute, September 2017

4 Symantec Internet Security Threat Report, April 2017

This information is designed for informational purposes only. It is not legal, tax, financial, or any other sort of advice; nor is it a substitute for such advice. The information on this site may not apply to your specific situation. We have tried to make sure the information is accurate, but it could be outdated or even inaccurate, in parts. It is the reader’s responsibility to comply with any applicable local, state, or federal regulations, and to make their own decisions about how to operate their business. Nationwide, its affiliates, and their employees make no warranties about the information, no guarantee of results, and assume no liability in connection with the information provided.

Products underwritten by Nationwide Mutual Insurance Company and Affiliated Companies. Not all Nationwide affiliated companies are mutual companies, and not all Nationwide members are insured by a mutual company. Not all products and services are available in every jurisdiction, and insurance coverage is governed by actual policy language. Subject to underwriting guidelines, review, and approval. Products and discounts not available to all persons in all states. Certain property-casualty coverages may be provided by a surplus lines insurer. Surplus lines insurers do not generally participate in state guaranty funds, and insureds are therefore not protected by such funds. Home Office: One Nationwide Plaza, Columbus, OH. Nationwide, the Nationwide N and Eagle, and other marks displayed on this page are service marks of Nationwide Mutual Insurance Company, unless otherwise disclosed. © 2018 Nationwide CMO-0790AO.1 (08/18)