Can You Get Protection Against Cyber Fraud?

by Marilyn Wilson on November 6, 2017

Why Cyber Insurance? With the costs associated with running a business continuing to escalate, additional expenses are hard to justify. Cyber insurance is one of those costs most businesses will gamble on and decide to throw the dice to remove it from the expense sheet. A PWC white paper says that cyber insurance premiums will reach $7.5 billion dollars by 2020. It further says that “cyber-crime costs the global economy more the $400 billion dollars a year”. This is big money and it will only continue to intensify over time. When evaluating the risk associated with systems being compromised by brute force and phishing attacks, cyber insurance can mitigate cost exposure for a business. Remember, it is no longer if, but when your system will be compromised. The cyber thieves have found a nice ‘honey hole’ to phish, in real estate and title companies. They will continue to phish because it has been a very lucrative endeavor. To gain understanding of what happens when there has been one incident of a compromised system by a phishing campaign, read on! The costs for a breached account can spiral quickly. The first expense is to perform a computer forensic analysis. Computer forensic analysis determines how the cyber thieves initially gained access, how far into the system they gained access to, and how broadly and deeply the exposure is of the compromised system. One computer has a potential cost exposure of between $10-$20k. Let’s assume the computer and the compromised account had Personal Identifiable Information (PII) available for access. Evidence of breached PII requires that the account and computer be scanned to determine the breadth of information that could be accessed. It doesn’t even matter if the cyber thieves didn’t access the PII. It is assumed that since they gained system access, they did obtain PII. Add another $20-$30k. If the PII in the compromised system is in a PDF file as a rasterized image, the forensic company has to manually read the file and record the contact of the PII. Why? There are legal and regulatory actions necessary, requiring companies to notify anyone who’s PII has been compromised stating that their personal information may have been accessed by unauthorized personnel. How many documents are in PDF format in your company? Add another $25-35k. Attorneys are needed throughout the entire process to assist in documenting the procedures to identify PII and guide companies […]