The statistics on how many small businesses (that’s everyone with fewer than 5,000 employees) are getting hurt by Cyber crime are really staggering. All of our clients are somewhere under 200 people and in that size range, the incident of reported crimes went up by 300% last year. Imagine how many more of them have gone unreported to the state police or FBI. The amount of money stolen has also gone way up and the techniques for getting at it are really sophisticated now too. The only thing that stands between you and losing tens of thousands of dollars are your employees. We can do what we can do on the IT end of things but most often now, the bad guys are going direct to your employees and asking them to send money to a bogus bank account or click on this link. Once that happens it’s game over.
A few months ago I heard from one of our clients that their insurance provider said that they couldn’t get cyber insurance. Well, I have it so I know it’s available. I spoke to the firm that provides ours and as long as you are a customer of ours, you can have cyber insurance. They are asking us to vouch for your internal security efforts. So you’ll need to have certain things in place to qualify like Windows 10, PCI compliance, firewalls and anti-virus as appropriate, MFA, backup and employee security training. This insurance is backed by Llyods.
The price varies according to your annual revenues but they tell me it’s in the range of $40 per $500k of revenue. They will come back to you with the price once the paper work has been completed.
Here’s the summary of the offer: Let us know if you’d to get a quote and I can send over the forms.
Insuring Agreements included on the CyberBreach Policy are as follows:
• Security Liability – Covers the Unauthorized Access of a network that leads to the destruction, deletion or corruption of electronic data as well as the failure to prevent the transmission of Malicious Code from Computer Systems to third party computers and systems.
• Privacy Liability – Covers the theft, loss or unauthorized disclosure of Personally Identifiable Non- Public Information or Third Party Corporate Information that is in your care, custody or control.
• Breach Response Costs – According to the 2017 NetDiligence Cyber Claims Study, the median number of records exposed in this report was 1,091 and the median cost per- record was $46.50. This is a $50,000+ claim. You need coverage to notify the affected individuals as well as the potential expenses arising from credit monitoring.
• Crisis Management Expense – If a breach does occur and your company makes the newspaper or network news, you better believe your competition will use this against you to try and take your clients. You need coverage for the costs associated to hire a public relations firm to avert or mitigate material damage against your reputation.
• Forensic Expense – Provides coverage for the cost of retaining an attorney to advise you of your obligations under data breach notification laws in the event of a network security breach impacting PII, as well as the cost of hiring a computer security expert to determine the existence, cause and extent of the breach.
• Regulatory Coverage – This coverage is for claims expenses and penalties if a governmental agency or regulatory body brings an enforcement action against you for a violation of a law protecting the confidentiality and security of Personally Identifiable Information.
• Digital Asset Restoration Costs ‐ Provides coverage for the cost of restoring or replacing data, regardless of whether it is your or your client’s, as a result of a security breach on your network or your cloud service provider’s network
• Business Income Coverage ‐ If your business is unable to operate due to a cyber breach of your network or the network of your cloud service provider, this coverage provides business interruption coverage.
• Cyber Extortion Threat – Cyber extortionists may threaten to harm you, your reputation, or your property if you do not comply with their demands. Cyber extortion can take many forms. For example, the cybercriminal may use “ransomware” to encrypt your data, which means you can’t read your data without the encryption key – and the cybercriminal will withhold this key until payment is made. This coverage is needed for situations where you must make a payment to eliminate credible threats.
• Cyber-Theft Loss – Cyber-attacks are now more sophisticated than ever before. This coverage will reimburse your company for the loss of money due to the unauthorized transfer of funds, service credits or tangible property.
• Cyber-Fraud Event – This occurs when a criminal enterprise disguises themselves as an employee, client or vendor and tricks someone at your organization into transferring funds to an account under their control. This could come from a phishing attack or social engineering email, text or instant message.
• PCI DSS Assessment Coverage – Did you know that businesses are required to implement a set of security standards to protect credit card data? This insuring agreement provides coverage for assessments, fines or penalties imposed by banks or credit card companies due to non-compliance with the Payment Card Industry Data Security Standard (PCI DSS) or payment card company rules.
About Harbor Computer Services
Harbor Computer Services is an IT firm servicing Southeastern Michigan. We work exclusively under contract with our clients to provide technology direction and either become the IT department or provide assistance to the internal IT they already have. We have won many awards for our work over the years, including the worldwide Microsoft Partner of the Year in 2010. We’re the smallest firm to have ever won this most prestigious award. Most recently we were recognized as one of the top 20 visionaries in small business IT by ChannelPro Magazine (2015). And in 2016 as the top Michigan IT firm for Manufacturing. There are a few simple things that make Harbor Computer Services the best choice for your business. •We are Professionals •We are Responsible •We are Concerned About The Success of Your Business